Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.05.2014, 18:52   #1
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Hallo alle zusammen,

meine Tante hat mir ihren Laptop vorbeigebracht mit der Aussage "der geht nicht mehr so richtig." Direkt nach dem hochfahren kam eine Popupfenster "4600 Fehler gefunden. Klicken Sie hier um die Fehler zu beheben." Als nächstes habe ich an die 15 Programme gefunden, die sich teilweise auch nicht mehr löschen lassen. Antivir war nicht installiert, das habe ich jetzt nachgeholt.

Die Frage ist ob es nicht sogar sinnvoll wäre, den PC einfach einmal ganz neu aufzusetzen, statt zu versuchen alle Viren und Trojaner zu beheben.

Hier aber einmal das logfile von Malwarebytes.
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/05/28 07:58:13 +0200</date>
<logfile>mbam-log-2014-05-28 (07-57-56).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.05.28.03</malware-database>
<rootkit-database>v2014.05.21.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8</osversion>
<arch>x64</arch>
<username>kerstin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>293189</objects>
<time>938</time>
<processes>3</processes>
<modules>0</modules>
<keys>123</keys>
<values>5</values>
<datas>1</datas>
<folders>11</folders>
<files>179</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\ProgramData\InternetUpdater\InternetUpdaterService.exe</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>delete-on-reboot</action><pid>1992</pid><hash>f0d3ec6a7605b77f258c46fcbb464db3</hash></process>
<process><path>C:\Program Files\003\xmkysecqun64.exe</path><vendor>Adware.Adpeak</vendor><action>delete-on-reboot</action><pid>2120</pid><hash>576c1a3c5f1cdf578cceca7ff113e917</hash></process>
<process><path>C:\Program Files\003\xmkysecqun64.exe</path><vendor>PUP.Optional.AdPeak.A</vendor><action>delete-on-reboot</action><pid>2120</pid><hash>be0568ee225972c40c87791bd52d817f</hash></process>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\InternetUpdater</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>f0d3ec6a7605b77f258c46fcbb464db3</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64</path><vendor>Adware.Adpeak</vendor><action>success</action><hash>576c1a3c5f1cdf578cceca7ff113e917</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}</path><vendor>PUP.Optional.WebSteroids.A</vendor><action>success</action><hash>2b980d4919623501bb06df51b15149b7</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}</path><vendor>PUP.Optional.WebSteroids.A</vendor><action>success</action><hash>2b980d4919623501bb06df51b15149b7</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.ScriptHostObject</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.ScriptHostObject.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>delete-on-reboot</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>delete-on-reboot</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.Tool</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.Tool.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}\INPROCSERVER32</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{C099CD7B-A94C-4229-B6F7-76D3494C88D8}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C099CD7B-A94C-4229-B6F7-76D3494C88D8}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{E150D1BB-AC3A-4E9A-B93F-983DFF23FF84}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E150D1BB-AC3A-4E9A-B93F-983DFF23FF84}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.Tool.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.Tool</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.Tool</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.Tool.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.ScriptHostObject.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.ScriptHostObject</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.ScriptHostObject</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.ScriptHostObject.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>delete-on-reboot</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C45EC9F0-8333-465D-9728-074BD41985C9}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>delete-on-reboot</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9}\INPROCSERVER32</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}</path><vendor>PUP.Optional.DynConIE.A</vendor><action>success</action><hash>33900c4a285386b0226d0e22af53936d</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}</path><vendor>PUP.Optional.DynConIE.A</vendor><action>success</action><hash>33900c4a285386b0226d0e22af53936d</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}</path><vendor>PUP.Optional.MultiIE.A</vendor><action>delete-on-reboot</action><hash>05beb3a3116a68cef28382aabd4520e0</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}</path><vendor>PUP.Optional.MultiIE.A</vendor><action>delete-on-reboot</action><hash>05beb3a3116a68cef28382aabd4520e0</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>3a89f561d5a653e387a669fcf60c6799</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>00c385d13b407fb7250995d0738f1de3</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>15ae71e5fe7d0c2afbc7461e42c0f30d</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64</path><vendor>PUP.Optional.AdPeak.A</vendor><action>success</action><hash>be0568ee225972c40c87791bd52d817f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\InternetUpdater</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></key>
<key><path>HKLM\SOFTWARE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>c00376e0c4b726100a1020899b6713ed</hash></key>
<key><path>HKLM\SOFTWARE\suprasavings</path><vendor>PUP.Optional.SupraSavings.A</vendor><action>success</action><hash>d7ec3b1ba0dbb2846e781188748e2ad6</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.BackgroundHostObject</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a61d82d41c5f8da9ebcc7631f80a5aa6</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.BackgroundHostObject.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>675c76e07ffcdb5b684ff2b518eaea16</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.Navbar</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>952e272f7dfe49edd2e5d1d6b949da26</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Free Games 111.Navbar.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>952eb2a4adcea88edcdb5f48d82a728e</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>586b094d6a1188ae82dce9ea3bc814ec</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>23a0bc9a116a93a33089c8dfc83a28d8</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>3b880c4ac8b3a78f06b3634450b2d030</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>ffc45cfaef8c47ef6851cdda60a29d63</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>6f54f85e017a89ad91283077ef1329d7</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>fcc714422c4f0630e6340a9ff50dbb45</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.BackgroundHostObject</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>b60d59fdfa8183b3981faef97d854fb1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.BackgroundHostObject.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>4e753620205b6dc937803a6d669c26da</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.Navbar</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>527185d14932290d8b2cd4d36f932dd3</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games 111.Navbar.1</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>0fb4193da3d842f406b14f587989bd43</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>ead9bf975823a294f96519ba9172669a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.BackgroundHostObject</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>368d58fec7b451e5dedb5453649e8878</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.BackgroundHostObject.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>c7fc16401a61979ffcbd951213ef14ec</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.Navbar</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>e8dbfa5cc2b96accb504fea9db27ac54</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\Speed Test 127.Navbar.1</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>e8dbc19595e68fa763564c5b7d8529d7</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\PERFORMERSOFT\PC Performer</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>705330263a41221442e81aa5c43f19e7</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SWEETIM</path><vendor>PUP.Optional.SweetIM.A</vendor><action>success</action><hash>40834610f982ee48c757c4fb3fc4fa06</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings</path><vendor>PUP.Optional.SupraSavings.A</vendor><action>delete-on-reboot</action><hash>2d96f75f98e39a9cc4248712da2845bb</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PERFORMERSOFT\PC Performer</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>delete-on-reboot</action><hash>576cd581f586b97d919a417e9e650bf5</hash></key>
<key><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM</path><vendor>PUP.Optional.SweetIM.A</vendor><action>delete-on-reboot</action><hash>754ee2745724f73ff726982737cc916f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{08BB1B53-9220-44C1-B29B-7795C8E5965D}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{08BB1B53-9220-44C1-B29B-7795C8E5965D}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{FD58258C-84A6-4DEF-9793-019BE7F491A7}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FD58258C-84A6-4DEF-9793-019BE7F491A7}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{16F7ED3A-ECD8-46C7-8FD3-E4A8C79884D7}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{38D7B10F-7131-4677-ACE1-B8A071D29901}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{38D7B10F-7131-4677-ACE1-B8A071D29901}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{16F7ED3A-ECD8-46C7-8FD3-E4A8C79884D7}</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{3013E03D-89D5-4580-8560-DB198297CC29}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3013E03D-89D5-4580-8560-DB198297CC29}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{B69509B5-4A90-4433-A2DE-BE439F6581F2}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B69509B5-4A90-4433-A2DE-BE439F6581F2}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{53FDCCB0-2404-4274-9002-5A3A1FD40426}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{53FDCCB0-2404-4274-9002-5A3A1FD40426}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></key>
<value><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS</path><valuename>{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</valuename><vendor>PUP.Optional.Iminent.A</vendor><action>delete-on-reboot</action><valuedata></valuedata><hash>15ae71e5fe7d0c2afbc7461e42c0f30d</hash></value>
<value><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}</path><valuename></valuename><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><valuedata></valuedata><hash>5f6479dd0c6fd95d853d8dd720e2ff01</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\SWEETIM</path><valuename>simapp_id</valuename><vendor>PUP.Optional.SweetIM.A</vendor><action>success</action><valuedata>1763663189423554559</valuedata><hash>40834610f982ee48c757c4fb3fc4fa06</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\INTERNETUPDATER</path><valuename>ImagePath</valuename><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><valuedata>&quot;C:\ProgramData\InternetUpdater\InternetUpdaterService.exe&quot;</valuedata><hash>eed56cea7ffc360005cc55531fe334cc</hash></value>
<value><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM</path><valuename>simapp_id</valuename><vendor>PUP.Optional.SweetIM.A</vendor><action>delete-on-reboot</action><valuedata>1763663189423554559</valuedata><hash>754ee2745724f73ff726982737cc916f</hash></value>
<data><path>HKU\S-1-5-21-2506654650-796066991-677667921-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.Conduit.A</vendor><action>delete-on-reboot</action><valuedata>hxxp://search.conduit.com/?ctid=CT3317209&amp;octid=EB_ORIGINAL_CTID&amp;SearchSource=55&amp;CUI=&amp;UM=2&amp;UP=SP77B12B96-9349-43F0-8DCE-9D66842923C2&amp;SSPV=</valuedata><baddata>hxxp://search.conduit.com/?ctid=CT3317209&amp;octid=EB_ORIGINAL_CTID&amp;SearchSource=55&amp;CUI=&amp;UM=2&amp;UP=SP77B12B96-9349-43F0-8DCE-9D66842923C2&amp;SSPV=</baddata><gooddata>hxxp://www.google.com</gooddata><hash>11b2381e6813290d2d42163ad52f35cb</hash></data>
<folder><path>C:\ProgramData\InternetUpdater</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>delete-on-reboot</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></folder>
<folder><path>C:\Program Files (x86)\PC Performer</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>cbf8e86e58236accc8f76a0de61c31cf</hash></folder>
<folder><path>C:\Program Files (x86)\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>ebd8e5715b20ba7c83591c5bc63cce32</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Local\Temp\Iminent</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>5f64d77f67141f17dc2213645ca641bf</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Local\Temp\CT3317209</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>477c183ec9b2999d005cef897989e719</hash></folder>
<folder><path>C:\Users\kerstin\AppData\Roaming\IminentToolbar</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>1da6f75f4833999d1f8e91e828da2bd5</hash></folder>
<folder><path>C:\Program Files (x86)\Free Games 111</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></folder>
<folder><path>C:\Program Files (x86)\Speed Test 127</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></folder>
<file><path>C:\ProgramData\InternetUpdater\InternetUpdaterService.exe</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>delete-on-reboot</action><hash>f0d3ec6a7605b77f258c46fcbb464db3</hash></file>
<file><path>C:\Program Files\003\xmkysecqun64.exe</path><vendor>Adware.Adpeak</vendor><action>delete-on-reboot</action><hash>576c1a3c5f1cdf578cceca7ff113e917</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\ScriptHost64.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\ScriptHost.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>a122470fb1ca6cca7117e74762a047b9</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\ScriptHost64.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\ScriptHost.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>a221c2941863a3938cd39896c141c63a</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\minibarchrome.exe</path><vendor>PUP.Optional.GenericExt.A</vendor><action>success</action><hash>d2f1f363b6c5b680f83c043909f708f8</hash></file>
<file><path>C:\temp\InstallFilter64.msi</path><vendor>PUP.Optional.AdPeak.A</vendor><action>success</action><hash>b21188cee79449ed6e0463da9e627c84</hash></file>
<file><path>C:\temp\t.msi</path><vendor>PUP.Optional.SupraSavings.A</vendor><action>success</action><hash>17ac470f087389ade8269dab8a7a7c84</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\verifier.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>52712f27fa8136004073152d70902bd5</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\spstub.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>358eacaa314afe382627938a50b1f50b</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\GCVerifier.dll</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>6a590e48f38841f5971acd75768a3ec2</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\nsh7AEF.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0fb404529edd0630f8290f1b05fcf709</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\nsk3615.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>774c0551cbb03ff7111096946b960cf4</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\nso32D8.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>5a69cf87b1ca82b4d64bb575f11009f7</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\nsd7E7A.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>b310173f96e5f046ce536dbd4db48d73</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\dlLogic.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>dde6292d285385b13e7450f29a666f91</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\n3304\Iminent_1712-b2fcad5e.exe</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>e9da90c67209f64004c7b39140c102fe</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\n3304\suprasavings_2703-e3e04064.exe</path><vendor>PUP.Optional.SupraSavings.A</vendor><action>success</action><hash>7350ff571f5cde5857e189a19d65a060</hash></file>
<file><path>C:\Windows\Temp\nsa13E5.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>ead9eb6b5b2058de1b06d05aeb16e61a</hash></file>
<file><path>C:\Windows\Temp\nsaD9F1.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>caf9fd59b6c5a78fa0810f1be41d29d7</hash></file>
<file><path>C:\Windows\Temp\nsbA377.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>aa19da7ce893c47223fed258b24f0000</hash></file>
<file><path>C:\Windows\Temp\nsbBA0A.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>d9ea1c3ad0ab24121f02a68410f14bb5</hash></file>
<file><path>C:\Windows\Temp\nsbC577.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>ac17e76f502bee4836eb35f590712dd3</hash></file>
<file><path>C:\Windows\Temp\nsn5A89.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0db6282e9ae179bdd84988a209f88f71</hash></file>
<file><path>C:\Windows\Temp\nsn8900.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>685b60f65526a98dd74a8f9bba47d12f</hash></file>
<file><path>C:\Windows\Temp\nsn8C61.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>f2d14d09601b86b08998ef3bbf4226da</hash></file>
<file><path>C:\Windows\Temp\nsnEAB7.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>c6fd3f17ec8f3600bb66ed3de819817f</hash></file>
<file><path>C:\Windows\Temp\nso8BBF.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>992a1442e09bec4ae43d29010df444bc</hash></file>
<file><path>C:\Windows\Temp\nsp315F.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>b310b1a52c4f82b410115bcf7889f808</hash></file>
<file><path>C:\Windows\Temp\nsqA338.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>6d569fb7e596af87f72aaa80cc3546ba</hash></file>
<file><path>C:\Windows\Temp\nssB8CC.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>09bad185a8d32214e041c8629a679769</hash></file>
<file><path>C:\Windows\Temp\nst3FFF.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>893aafa783f8eb4ba77a8c9eee13946c</hash></file>
<file><path>C:\Windows\Temp\nst5AA9.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>caf9d482bfbc072f45dc38f220e1a15f</hash></file>
<file><path>C:\Windows\Temp\nstB509.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>e1e277df34479f97ab76f238669b6d93</hash></file>
<file><path>C:\Windows\Temp\nsu9AD.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>517299bdbbc069cdd34e0e1c0001f709</hash></file>
<file><path>C:\Windows\Temp\nsuA464.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>a2215501d0ab74c270b1b87279886e92</hash></file>
<file><path>C:\Windows\Temp\nswF86F.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>7a490f47adce5bdb75ac7baff011b050</hash></file>
<file><path>C:\Windows\Temp\nsx519A.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0ab916400c6f87af54cd43e7f70aa65a</hash></file>
<file><path>C:\Windows\Temp\nsy21.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>a51e6ceaec8fcc6aae73240660a1c13f</hash></file>
<file><path>C:\Windows\Temp\nsy8193.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>695a1d392d4ef541111079b1ce330000</hash></file>
<file><path>C:\Windows\Temp\nsy8CA0.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>388b3e18314acc6a7da461c9966bdc24</hash></file>
<file><path>C:\Windows\Temp\nsyEAA8.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>7d460e483744bc7afc2506245ba68a76</hash></file>
<file><path>C:\Windows\Temp\nszA3E7.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>d6ed431369127eb8ef32e24854ad11ef</hash></file>
<file><path>C:\Windows\Temp\nsi340B.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0ab97dd94536aa8c26fbe14955acd22e</hash></file>
<file><path>C:\Windows\Temp\nsj8EB4.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>546f1d39196270c6f82953d7ab56c040</hash></file>
<file><path>C:\Windows\Temp\nslC519.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>f2d15ff7097203335fc231f9c43d58a8</hash></file>
<file><path>C:\Windows\Temp\nsm31D8.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0fb4ca8ccface2542cf574b646bba45c</hash></file>
<file><path>C:\Windows\Temp\nsmB8AC.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>41825ff71d5ebd7931f0f23841c0b848</hash></file>
<file><path>C:\Windows\Temp\nsmDE75.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>982bc78f4833c17580a133f703fe4db3</hash></file>
<file><path>C:\Windows\Temp\nsc2783.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>af14d97d1467092d5cc5f832b24f718f</hash></file>
<file><path>C:\Windows\Temp\nsc6661.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0bb81640037852e49889d852fc0529d7</hash></file>
<file><path>C:\Windows\Temp\nse40DA.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>9c27fe58b9c239fdb36ef83226db3ac6</hash></file>
<file><path>C:\Windows\Temp\nseBD22.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>d9ea480e58239e983de4e94159a89070</hash></file>
<file><path>C:\Windows\Temp\nsf5E00.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>7350084ee59643f331f0fa3044bd9868</hash></file>
<file><path>C:\Windows\Temp\nsfF5A0.exe</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>358e1e383d3ef5411110c961738e8f71</hash></file>
<file><path>C:\Users\kerstin\Downloads\Adobe Reader.exe</path><vendor>PUP.Optional.Firseria</vendor><action>success</action><hash>883b4412077470c67f5f255b3dc45da3</hash></file>
<file><path>C:\Users\kerstin\Downloads\Allin1Convert.exe</path><vendor>PUP.Optional.MindSpark.A</vendor><action>success</action><hash>1ba8b3a30774d363b74eb87337cd1be5</hash></file>
<file><path>C:\Users\kerstin\Downloads\FreePDFReaderSetup.exe</path><vendor>PUP.Optional.InstallBrain.A</vendor><action>success</action><hash>8142be98d1aa9a9cdf9d8be33dc46799</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage</path><vendor>PUP.Optional.Superfish.A</vendor><action>success</action><hash>853e93c3403b0b2b8eb4c8c77e84e020</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal</path><vendor>PUP.Optional.Superfish.A</vendor><action>success</action><hash>962d80d674076bcb79c95639e220f907</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>dce74d0922599f97ee3fd9b730d2af51</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>b80bef67fe7d7cbaee3f504026dc6b95</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>13b0e27491ea70c6838d3a577e84fb05</hash></file>
<file><path>C:\Program Files\003\xmkysecqun64.exe</path><vendor>PUP.Optional.AdPeak.A</vendor><action>delete-on-reboot</action><hash>be0568ee225972c40c87791bd52d817f</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage</path><vendor>PUP.Optional.Websteroids.A</vendor><action>success</action><hash>e2e141152457e056a0c155458e747c84</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal</path><vendor>PUP.Optional.Websteroids.A</vendor><action>success</action><hash>d7ec0d4996e5f54189d8bbdf7b87b44c</hash></file>
<file><path>C:\Windows\System32\roboot64.exe</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>d4ef5cfa34473ef842cb822037cb0ef2</hash></file>
<file><path>C:\ProgramData\InternetUpdater\InternetUpdater.ico</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></file>
<file><path>C:\ProgramData\InternetUpdater\app.dat</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></file>
<file><path>C:\ProgramData\InternetUpdater\data.dat</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></file>
<file><path>C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></file>
<file><path>C:\ProgramData\InternetUpdater\Uninstall.exe</path><vendor>PUP.Optional.InternetUpdater.A</vendor><action>success</action><hash>1ba874e2403bcf67913f8d1b3bc76d93</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\rcpupdate.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\ExcludeList.rcp</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\German_rcp.dat</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\log_05-26-2014.log</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\log_05-27-2014.log</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\results.rcp</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\TempHLList.rcp</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rmx</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rxb</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>695a4d09b3c8340294b26d4f9d66b14f</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\xmllite.dll</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Italian_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Chinese_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\CleanSchedule.exe</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Danish_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Dutch_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\eng_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Finnish_rcp_fi.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\French_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\German_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\greek_rcp_el.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\install_left_image.bmp</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\isxdl.dll</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Japanese_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\korean_rcp_ko.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Norwegian_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\PCPerformer.dll</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\PCPerformer.exe</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\polish_rcp_pl.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\portugese_rcp_pt.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Portuguese_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\russian_rcp_ru.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Spanish_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\Swedish_rcp.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\TraditionalCn_rcp_zh-tw.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\turkish_rcp_tr.ini</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\unins000.dat</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\unins000.exe</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Program Files (x86)\PC Performer\unins000.msg</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6e55bc9af4875adc0e39f7c51ae9dc24</hash></file>
<file><path>C:\Windows\Tasks\PC Performer_DEFAULT.job</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>4083282eb9c2ce6857f2902ca360e41c</hash></file>
<file><path>C:\Windows\Tasks\PC Performer_UPDATES.job</path><vendor>PUP.Optional.PCPerformer.A</vendor><action>success</action><hash>6c57f5615c1f43f37eb4249a60a39c64</hash></file>
<file><path>C:\Users\kerstin\AppData\Local\Temp\CT3317209\ddt.csf</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>477c183ec9b2999d005cef897989e719</hash></file>
<file><path>C:\Users\kerstin\AppData\Roaming\IminentToolbar\sqlite3.dll</path><vendor>PUP.Optional.Iminent.A</vendor><action>success</action><hash>1da6f75f4833999d1f8e91e828da2bd5</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\DeskTopIcon.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\AddonsFramework.Typelib.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\AddonsFramework.Typelib64.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\background.html</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\BackgroundHost.exe</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\BackgroundHost64.exe</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\button.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\ButtonSite.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\ButtonSite64.dll</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\config.xml</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\content.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon128.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon128.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon16.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon16.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon18.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon18.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon24.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon24.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon32.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon32.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon48.ico</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\icon48.png</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\jquery-1.9.1.min.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\json2.min.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\options.htm</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\rjs.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\uninst.exe</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\uninstall.exe</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\updater.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Free Games 111\updaterWrapper.js</path><vendor>PUP.Optional.FreeGames.A</vendor><action>success</action><hash>9b28a7afaad1a69054a14e2ba55d966a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\DeskTopIcon.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\AddonsFramework.Typelib.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\AddonsFramework.Typelib64.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\background.html</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\BackgroundHost.exe</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\BackgroundHost64.exe</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\button.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\ButtonSite.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\ButtonSite64.dll</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\config.xml</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\content.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon128.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon128.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon16.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon16.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon18.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon18.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon24.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon24.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon32.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon32.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon48.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon48.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon64.ico</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\icon64.png</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\jquery-1.9.1.min.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\json2.min.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\options.htm</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\rjs.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\uninst.exe</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\uninstall.exe</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\updater.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
<file><path>C:\Program Files (x86)\Speed Test 127\updaterWrapper.js</path><vendor>PUP.Optional.SpeedTest.A</vendor><action>success</action><hash>348fca8c8cef5fd7b3430c6db052e61a</hash></file>
</items>
</mbam-log>
         
Der FRST Code:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by kerstin (administrator) on VAIO on 28-05-2014 08:29:47
Running from C:\Users\kerstin\Downloads
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {7b6b7b5f-94bd-11e2-be73-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {7b6b7cc4-94bd-11e2-be73-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e72f-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e7d9-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e862-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {dabeb57d-c706-11e3-be96-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {dabeb5aa-c706-11e3-be96-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP77B12B96-9349-43F0-8DCE-9D66842923C2&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP77B12B96-9349-43F0-8DCE-9D66842923C2&q={searchTerms}&SSPV=
SearchScopes: HKCU - {356F967B-C0DB-413A-9722-2161E8C8B573} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKCU - {EF4931A1-F27D-4C98-80B4-EA0E228736DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\sycvpt0y.default
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\sycvpt0y.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-01-09]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\kerstin\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\kerstin\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-05-26]
FF HKCU\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\kerstin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\kerstin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-05-26]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-25]
CHR Extension: (Google Drive) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-25]
CHR Extension: (No Name) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bglgepiolghndacjbjadadjnkgfgehcd [2014-02-12]
CHR Extension: (YouTube) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-25]
CHR Extension: (Google Search) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-25]
CHR Extension: (QueeniCoupoon) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecfmlfgikjdagjikheaahnghjpajaljn [2014-05-24]
CHR Extension: (weebsaver) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkfhabhpnkdiiiogbocaoiimogaadgmn [2014-01-27]
CHR Extension: (TicTaCoUpon) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moieabkfabdhfjlnalkfhdfekmmldnij [2014-03-18]
CHR Extension: (Google Wallet) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (sAveoRon) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcpimhcgagmbgbefciohdhljehmnalp [2014-02-15]
CHR Extension: (Gmail) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-25]
CHR Extension: (SaverProo) - C:\ProgramData\mchnfhjfmbklegkoglcpmfeopeffbfao [2014-01-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2014-04-18] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2014-04-17] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-05-22] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 08:29 - 2014-05-28 08:30 - 00021163 _____ () C:\Users\kerstin\Downloads\FRST.txt
2014-05-28 08:29 - 2014-05-28 08:29 - 02066944 _____ (Farbar) C:\Users\kerstin\Downloads\FRST64.exe
2014-05-28 08:29 - 2014-05-28 08:29 - 00000000 ____D () C:\FRST
2014-05-28 08:28 - 2014-05-28 08:28 - 00000476 _____ () C:\Users\kerstin\Downloads\defogger_disable.log
2014-05-28 08:28 - 2014-05-28 08:28 - 00000000 _____ () C:\Users\kerstin\defogger_reenable
2014-05-28 08:27 - 2014-05-28 08:27 - 00050477 _____ () C:\Users\kerstin\Downloads\Defogger.exe
2014-05-28 07:57 - 2014-05-28 08:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 07:57 - 2014-05-28 07:57 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 07:57 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 07:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 07:56 - 2014-05-28 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kerstin\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 03673664 _____ (Piriform Ltd) C:\Users\kerstin\Downloads\ccsetup414_slim.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-28 07:31 - 2014-05-28 07:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-27 18:10 - 2014-05-27 18:10 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Mozilla
2014-05-27 18:08 - 2014-05-27 18:08 - 00283144 _____ (Mozilla) C:\Users\kerstin\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-27 17:40 - 2014-05-27 17:40 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Avira
2014-05-27 17:39 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-27 17:39 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-27 17:39 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-27 17:36 - 2014-05-27 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-27 17:36 - 2014-05-27 17:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 17:36 - 2014-05-27 17:36 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-27 17:35 - 2014-05-27 17:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 17:35 - 2014-05-27 17:35 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\kerstin\Downloads\avira_de_av_4000461663__ws.exe
2014-05-27 17:35 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-27 17:32 - 2014-05-27 17:32 - 00003402 _____ () C:\Windows\System32\Tasks\{CC799F03-888A-48DF-B208-788F6A14DAE5}
2014-05-27 17:27 - 2014-05-27 17:27 - 00000000 ____D () C:\Program Files (x86)\DaoocSCoonvoErtteer
2014-05-27 17:26 - 2014-05-27 17:26 - 00000000 ____D () C:\Program Files (x86)\KiangCiouupoN
2014-05-27 17:08 - 2014-05-27 17:08 - 00000000 ____D () C:\Program Files (x86)\CluiCkForSale
2014-05-26 16:47 - 2014-05-26 21:59 - 00001089 _____ () C:\Users\kerstin\Desktop\Continue VuuPC Installation.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00002166 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-05-26 16:37 - 2014-05-28 07:35 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Systweak
2014-05-26 16:37 - 2014-05-27 18:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-26 16:36 - 2014-05-28 08:19 - 00000000 ____D () C:\Program Files\003
2014-05-26 11:26 - 2014-05-26 11:26 - 00279584 _____ () C:\Windows\Minidump\052614-64640-01.dmp
2014-05-26 11:24 - 2014-05-26 11:24 - 00000000 __SHD () C:\found.002
2014-05-26 08:47 - 2014-05-27 17:54 - 00003118 _____ () C:\Windows\System32\Tasks\PC Performer
2014-05-26 08:46 - 2014-05-28 08:17 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\PerformerSoft
2014-05-26 08:46 - 2014-05-26 08:46 - 00001050 _____ () C:\Users\Public\Desktop\PC Performer.lnk
2014-05-26 08:46 - 2014-05-26 08:46 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\FreePDFReader
2014-05-26 08:46 - 2014-05-26 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
2014-05-26 08:45 - 2014-05-26 08:46 - 00000000 ____D () C:\Program Files (x86)\FreePDFReader
2014-05-25 18:54 - 2014-05-22 18:19 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys
2014-05-24 14:16 - 2014-05-01 22:37 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-24 14:16 - 2014-05-01 22:37 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-23 23:59 - 2014-05-27 17:21 - 00000000 ____D () C:\ProgramData\CluiCkForSale
2014-05-20 08:37 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-20 08:37 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-20 08:37 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-19 14:26 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-19 14:26 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-19 14:26 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-19 14:26 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-19 14:25 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-19 14:25 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-19 14:25 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-19 14:25 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-19 14:25 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-19 14:25 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-19 14:25 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-19 14:25 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-19 14:25 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-19 14:25 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-19 14:25 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-19 14:25 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-19 14:25 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-19 14:25 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-19 14:25 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-19 14:25 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-19 14:25 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-19 14:25 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-19 14:25 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-19 14:25 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-19 14:25 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-19 14:25 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-19 14:25 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-19 14:25 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-19 14:25 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-19 14:25 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-19 14:25 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-19 14:25 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-19 14:25 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-19 14:25 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-19 14:25 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-19 14:25 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-19 14:25 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-19 14:25 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-19 14:25 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-19 14:25 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-19 14:25 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-19 14:25 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-19 14:25 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-19 14:25 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-19 14:25 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-19 14:25 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-19 14:25 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-06 12:07 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 12:07 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 12:07 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 12:07 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 12:07 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 19:16 - 2014-05-27 14:34 - 00000463 _____ () C:\Users\kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-05-03 03:02 - 2014-05-03 03:02 - 00041652 _____ () C:\Windows\system32\s000000.dat
2014-05-03 02:59 - 2014-05-03 02:59 - 00000040 _____ () C:\Windows\system32\sstate_prev.sdt
2014-05-03 02:59 - 2014-05-03 02:59 - 00000000 _____ () C:\Windows\system32\sstates.sdt

==================== One Month Modified Files and Folders =======

2014-05-28 08:30 - 2014-05-28 08:29 - 00021163 _____ () C:\Users\kerstin\Downloads\FRST.txt
2014-05-28 08:29 - 2014-05-28 08:29 - 02066944 _____ (Farbar) C:\Users\kerstin\Downloads\FRST64.exe
2014-05-28 08:29 - 2014-05-28 08:29 - 00000000 ____D () C:\FRST
2014-05-28 08:28 - 2014-05-28 08:28 - 00000476 _____ () C:\Users\kerstin\Downloads\defogger_disable.log
2014-05-28 08:28 - 2014-05-28 08:28 - 00000000 _____ () C:\Users\kerstin\defogger_reenable
2014-05-28 08:28 - 2013-07-07 08:58 - 00000000 ____D () C:\Users\kerstin
2014-05-28 08:27 - 2014-05-28 08:27 - 00050477 _____ () C:\Users\kerstin\Downloads\Defogger.exe
2014-05-28 08:27 - 2013-07-07 09:42 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2506654650-796066991-677667921-1001
2014-05-28 08:24 - 2013-01-09 02:00 - 01288823 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 08:21 - 2014-05-28 07:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 08:21 - 2013-07-25 15:39 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 08:21 - 2013-01-09 02:30 - 00000000 ____D () C:\ProgramData\MOCP
2014-05-28 08:19 - 2014-05-26 16:36 - 00000000 ____D () C:\Program Files\003
2014-05-28 08:19 - 2014-04-18 16:10 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-05-28 08:19 - 2012-08-03 04:22 - 00149486 _____ () C:\Windows\PFRO.log
2014-05-28 08:19 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 08:19 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-28 08:17 - 2014-05-26 08:46 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\PerformerSoft
2014-05-28 08:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\tracing
2014-05-28 08:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-28 07:57 - 2014-05-28 07:57 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-28 07:56 - 2014-05-28 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kerstin\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 07:54 - 2013-07-25 15:39 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 07:35 - 2014-05-26 16:37 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Systweak
2014-05-28 07:31 - 2014-05-28 07:31 - 03673664 _____ (Piriform Ltd) C:\Users\kerstin\Downloads\ccsetup414_slim.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-28 07:31 - 2014-05-28 07:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-28 07:22 - 2013-07-07 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 07:17 - 2014-01-27 21:37 - 00000000 ____D () C:\ProgramData\weebsaver
2014-05-27 20:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-27 18:33 - 2014-02-15 22:48 - 00000000 ____D () C:\ProgramData\sAveoRon
2014-05-27 18:20 - 2014-01-27 21:37 - 00000000 ____D () C:\ProgramData\SaverProo
2014-05-27 18:10 - 2014-05-27 18:10 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Mozilla
2014-05-27 18:10 - 2014-05-26 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-27 18:10 - 2014-03-27 09:46 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F0AAB-17A9-4111-A221-1345BA5E1119}
2014-05-27 18:08 - 2014-05-27 18:08 - 00283144 _____ (Mozilla) C:\Users\kerstin\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-27 18:07 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-05-27 17:54 - 2014-05-26 08:47 - 00003118 _____ () C:\Windows\System32\Tasks\PC Performer
2014-05-27 17:50 - 2013-07-07 09:35 - 00000000 ___RD () C:\Users\kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 17:44 - 2014-03-18 19:17 - 00000000 ____D () C:\ProgramData\KiangCiouupoN
2014-05-27 17:44 - 2014-02-03 20:34 - 00000000 ____D () C:\ProgramData\DaoocSCoonvoErtteer
2014-05-27 17:40 - 2014-05-27 17:40 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Avira
2014-05-27 17:39 - 2014-05-27 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-27 17:39 - 2014-05-27 17:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 17:39 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 17:36 - 2014-05-27 17:36 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-27 17:35 - 2014-05-27 17:35 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\kerstin\Downloads\avira_de_av_4000461663__ws.exe
2014-05-27 17:35 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-27 17:32 - 2014-05-27 17:32 - 00003402 _____ () C:\Windows\System32\Tasks\{CC799F03-888A-48DF-B208-788F6A14DAE5}
2014-05-27 17:31 - 2013-07-30 11:03 - 00000000 ____D () C:\Users\kerstin\AppData\Local\CrashDumps
2014-05-27 17:30 - 2013-01-09 01:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 17:30 - 2013-01-09 01:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 17:30 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 17:27 - 2014-05-27 17:27 - 00000000 ____D () C:\Program Files (x86)\DaoocSCoonvoErtteer
2014-05-27 17:26 - 2014-05-27 17:26 - 00000000 ____D () C:\Program Files (x86)\KiangCiouupoN
2014-05-27 17:26 - 2014-01-27 21:37 - 00000000 ____D () C:\ProgramData\a130b489b9c6817
2014-05-27 17:21 - 2014-05-23 23:59 - 00000000 ____D () C:\ProgramData\CluiCkForSale
2014-05-27 17:08 - 2014-05-27 17:08 - 00000000 ____D () C:\Program Files (x86)\CluiCkForSale
2014-05-27 14:34 - 2014-05-04 19:16 - 00000463 _____ () C:\Users\kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-05-27 11:46 - 2013-06-06 19:02 - 00014336 ___SH () C:\Users\kerstin\Downloads\Thumbs.db
2014-05-26 21:59 - 2014-05-26 16:47 - 00001089 _____ () C:\Users\kerstin\Desktop\Continue VuuPC Installation.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00002166 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-05-26 16:43 - 2013-01-09 02:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-26 16:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-26 16:42 - 2013-01-09 02:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-26 16:36 - 2013-07-07 12:53 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Adobe
2014-05-26 11:26 - 2014-05-26 11:26 - 00279584 _____ () C:\Windows\Minidump\052614-64640-01.dmp
2014-05-26 11:26 - 2013-09-24 20:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-26 11:26 - 2013-09-18 13:30 - 511906660 _____ () C:\Windows\MEMORY.DMP
2014-05-26 11:24 - 2014-05-26 11:24 - 00000000 __SHD () C:\found.002
2014-05-26 08:46 - 2014-05-26 08:46 - 00001050 _____ () C:\Users\Public\Desktop\PC Performer.lnk
2014-05-26 08:46 - 2014-05-26 08:46 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\FreePDFReader
2014-05-26 08:46 - 2014-05-26 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
2014-05-26 08:46 - 2014-05-26 08:45 - 00000000 ____D () C:\Program Files (x86)\FreePDFReader
2014-05-25 18:48 - 2013-07-02 16:35 - 00000000 ____D () C:\claudia
2014-05-25 18:28 - 2013-06-30 08:28 - 00000000 ____D () C:\urlaub
2014-05-25 18:23 - 2013-05-20 12:01 - 00000000 ____D () C:\skiurlaub1
2014-05-25 18:08 - 2013-05-15 16:55 - 00000000 ____D () C:\skiurlaub
2014-05-24 16:22 - 2013-01-09 02:03 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-24 14:17 - 2013-07-07 09:35 - 00000000 ___RD () C:\Users\kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-24 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-23 14:24 - 2013-08-18 20:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-23 14:23 - 2013-07-08 17:26 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-22 18:19 - 2014-05-25 18:54 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys
2014-05-21 02:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-12 07:26 - 2014-05-28 07:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-28 07:57 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 07:57 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 11:16 - 2014-05-27 17:39 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-27 17:39 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-27 17:39 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-06 07:14 - 2014-05-19 14:25 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-19 14:25 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-19 14:25 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-19 14:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-19 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-19 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 03:02 - 2014-05-03 03:02 - 00041652 _____ () C:\Windows\system32\s000000.dat
2014-05-03 02:59 - 2014-05-03 02:59 - 00000040 _____ () C:\Windows\system32\sstate_prev.sdt
2014-05-03 02:59 - 2014-05-03 02:59 - 00000000 _____ () C:\Windows\system32\sstates.sdt
2014-05-01 22:37 - 2014-05-24 14:16 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2014-05-24 14:16 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\kerstin\AppData\Local\Temp\avgnt.exe
C:\Users\kerstin\AppData\Local\Temp\BackupSetup.exe
C:\Users\kerstin\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\kerstin\AppData\Local\Temp\mfc80.dll
C:\Users\kerstin\AppData\Local\Temp\mfc80u.dll
C:\Users\kerstin\AppData\Local\Temp\mfcm80.dll
C:\Users\kerstin\AppData\Local\Temp\mfcm80u.dll
C:\Users\kerstin\AppData\Local\Temp\msvcm80.dll
C:\Users\kerstin\AppData\Local\Temp\msvcp80.dll
C:\Users\kerstin\AppData\Local\Temp\msvcr80.dll
C:\Users\kerstin\AppData\Local\Temp\nshDA29.exe
C:\Users\kerstin\AppData\Local\Temp\nsjDE22.exe
C:\Users\kerstin\AppData\Local\Temp\nsoB95F.exe
C:\Users\kerstin\AppData\Local\Temp\nsqB056.exe
C:\Users\kerstin\AppData\Local\Temp\nsr9BA5.exe
C:\Users\kerstin\AppData\Local\Temp\OSU.exe
C:\Users\kerstin\AppData\Local\Temp\SPSetup.exe
C:\Users\kerstin\AppData\Local\Temp\Uninstaller.exe
C:\Users\kerstin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\kerstin\AppData\Local\Temp\VersionUpdater.exe
C:\Users\kerstin\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\kerstin\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\kerstin\AppData\Local\Temp\WtgZip.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-19 14:25] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-28 03:00

==================== End Of Log ============================
         
Könnt ihr mir hier weiterhelfen? Ich kriege die Programme einfach nicht gelöscht und hab ehrlich gesagt keine Ahnung wie ich jetzt weiter vorgehen muss/kann?

Liebe Grüße
Joolez

Alt 30.05.2014, 18:53   #2
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Ach... sorry, GMER Log vergessen:

[CODE]19:49 30.05.2014GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-28 08:37:52
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000034 WDC_WD5000BPVT-55HXZT4 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\kerstin\AppData\Local\Temp\pxloypog.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988                                                                                   fffff803c586d3dc 1 byte [31]

---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\atiesrxx.exe[556] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                               000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\system32\atiesrxx.exe[556] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                               000007fa77a41782 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\system32\atieclxx.exe[1172] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                              000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\system32\atieclxx.exe[1172] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                              000007fa77a41782 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\system32\atieclxx.exe[1172] C:\Windows\system32\WSOCK32.dll!recvfrom + 742                                            000007fa71e71b32 4 bytes [E7, 71, FA, 07]
.text   C:\Windows\system32\atieclxx.exe[1172] C:\Windows\system32\WSOCK32.dll!recvfrom + 750                                            000007fa71e71b3a 4 bytes [E7, 71, FA, 07]
.text   C:\Windows\system32\mfevtps.exe[2052] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                               000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\system32\mfevtps.exe[2052] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                               000007fa77a41782 4 bytes [A4, 77, FA, 07]
.text   C:\Windows\Explorer.EXE[3820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                 000007fa70621532 4 bytes [62, 70, FA, 07]
.text   C:\Windows\Explorer.EXE[3820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                 000007fa7062153a 4 bytes [62, 70, FA, 07]
.text   C:\Windows\Explorer.EXE[3820] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                               000007fa7062165a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3272] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                          000007fa70621532 4 bytes [62, 70, FA, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3272] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                          000007fa7062153a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3272] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                        000007fa7062165a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4116] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                       000007fa70621532 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4116] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                       000007fa7062153a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4116] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                     000007fa7062165a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                     000007fa70621532 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                     000007fa7062153a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                   000007fa7062165a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4176] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742                         000007fa71e71b32 4 bytes [E7, 71, FA, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4176] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750                         000007fa71e71b3a 4 bytes [E7, 71, FA, 07]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4344] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                 000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4344] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                 000007fa77a41782 4 bytes [A4, 77, FA, 07]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4364] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306              000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4364] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314              000007fa77a41782 4 bytes [A4, 77, FA, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1948] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690    000007fa70621532 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1948] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698    000007fa7062153a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1948] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246  000007fa7062165a 4 bytes [62, 70, FA, 07]
.text   C:\Program Files\Sony\VAIO Care\VCPerfService.exe[940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306              000007fa77a4177a 4 bytes [A4, 77, FA, 07]
.text   C:\Program Files\Sony\VAIO Care\VCPerfService.exe[940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314              000007fa77a41782 4 bytes [A4, 77, FA, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [788:804]                                                                                          fffff960009675e8
Thread  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe [3444:5368]       000007fa74135990
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5884:5664]                                                                   000007fa755c4aa0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5884:5944]                                                                   000007fa76d35e10
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5884:4392]                                                                   000007fa774823a8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         
--- --- ---
__________________


Alt 02.06.2014, 18:25   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Hi,

Addition.txt von FRST fehlt noch.
__________________
__________________

Alt 02.06.2014, 20:56   #4
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Hier ist das Addition File:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by kerstin at 2014-05-28 08:30:32
Running from C:\Users\kerstin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: McAfee  Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.21010 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{AFF3A479-02DE-E284-9E4D-CC1F0B45174A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1010.1519.25530 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1010.1519.25530 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1010.1519.25530 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1010.1519.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1010.1518.25530 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1010.1519.25530 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.5728.52 - CyberLink Corp.) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Free Games 111 (HKLM-x32\...\Free Games 111) (Version: 3.0.0.0 - BestOffers) <==== ATTENTION
FreePDFReader (HKLM-x32\...\FreePDFReader) (Version:  - FreePDFConverter)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PC Performer (HKLM-x32\...\PC Performer_is1) (Version: 11.10 - PerformerSoft LLC) <==== ATTENTION
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
sAveoRon (HKLM-x32\...\{66951628-3E5A-9C96-37EA-490E187974D5}) (Version:  - saveeroN)
SaverProo (HKLM-x32\...\{94851E46-5E5B-DD67-2593-709E8D27DC4C}) (Version:  - SaveerPro)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Speed Test 127 (HKLM-x32\...\Speed Test 127) (Version: 3.0.0.0 - Speed Analysis) <==== ATTENTION
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.0.2.10230 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
weebsaver (HKLM-x32\...\{5CDF2354-26AF-2DBC-1012-44FEDFCC75BB}) (Version:  - weebsavEEr)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Restore Points  =========================

01-05-2014 12:49:20 Windows Update
21-05-2014 12:19:15 Windows Update
26-05-2014 07:34:26 PC Performer Mo, Mai 26, 14  09:34
27-05-2014 09:28:01 Removed Adobe Reader XI  MUI.

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {16015976-86D2-4BE0-9CDF-4B4E73060663} - System32\Tasks\{96BE543D-907E-4A75-BCDE-3AE9CBDF935F} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {16CC01DA-B6BB-4D5E-A8DA-D99E4B3358CC} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24032EBE-1B03-4B33-B5F3-C23F907A3642} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {30B3CCE3-B6C9-4066-968E-D4D982429EAA} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {43601916-F058-4137-8449-FA2327CA92FF} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {4FAA28B2-2E5F-4C12-B6E6-07430E7C9EF7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {512E3387-FA78-44E0-829D-4DB1F2B3EA1C} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {61B52D29-D5A3-4C82-B03B-DBE4DA10C2E3} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {7DE97D28-C70E-438A-863C-90C7305694D9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {811A97F2-2771-4BD5-B639-9A790747617C} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {818B993D-B973-44AC-B615-E5926B9823E8} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-23] (Sony Corporation)
Task: {82F8D411-A1F1-4D13-B7A6-FF45683419A6} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {8482C6E8-1F09-48FD-A04B-B99646A7A4A9} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {92782AD6-BC55-4315-B5D0-AE060D63EE35} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: {99328B99-9BE0-49EA-A261-5C9070D1A54C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {A62802D4-CF42-4718-8865-6AFB3E723DEB} - System32\Tasks\{B1A5FA06-62C8-42A1-A77A-C4533285B1B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B8813E9F-7FA9-46B7-9F10-4096E376D141} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {BF7C53DE-A4E4-4D4B-95E8-9688F28ADBD1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D216A67A-0B58-4FED-A5A8-7338EBDE3348} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {DE0D2335-3851-4CFF-982F-DE31A588B964} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {E7476A34-6C44-4D6A-A3D9-2464D1BD692A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {E763EEA9-EE14-4CC7-9867-703ED3503B9F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F4325633-2E84-4C0F-B54C-0B06AFA4C058} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {FD416EA4-5829-41CE-A02B-0769FE4EEB22} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {FDCD846E-D8ED-4CE3-A36B-3D195B914878} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-18 16:44 - 2014-04-18 16:50 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2013-06-04 19:14 - 2013-06-04 19:15 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-11-05 20:28 - 2012-11-05 20:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-11-05 20:23 - 2012-11-05 20:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-11-05 20:26 - 2012-11-05 20:26 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-18 16:44 - 2014-04-18 16:50 - 00510520 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2012-11-05 20:28 - 2012-11-05 20:28 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-05-20 19:33 - 2014-05-20 19:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-10-10 16:17 - 2012-10-10 16:17 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-05-27 17:40 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\kerstin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-01-09 01:56 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-27 18:10 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\kerstin\Re  Zimmerreservierung.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5268) {A09A7480-7857-402E-BC97-AB1E93C146DD}: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost (5268) {A09A7480-7857-402E-BC97-AB1E93C146DD}: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5268) {F35AED6E-4E2F-4A80-AB61-760E48CAC2CB}: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost (5268) {F35AED6E-4E2F-4A80-AB61-760E48CAC2CB}: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5268) {5C2052C9-BD63-4B8D-A9F7-35D8C417B952}: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost (5268) {5C2052C9-BD63-4B8D-A9F7-35D8C417B952}: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5268) {6CE9F693-21FC-4CFD-8CCF-15AE0D7EA672}: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost (5268) {6CE9F693-21FC-4CFD-8CCF-15AE0D7EA672}: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5268) {C4741D01-BF0F-4A56-B42A-D08997062558}: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost (5268) {C4741D01-BF0F-4A56-B42A-D08997062558}: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.


System errors:
=============
Error: (05/28/2014 08:22:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Network Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 08:22:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Network Agent erreicht.

Error: (05/28/2014 08:22:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 08:22:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Services erreicht.

Error: (05/28/2014 08:20:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Spam Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 08:20:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Anti-Spam Service erreicht.

Error: (05/28/2014 07:25:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Network Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 07:25:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Network Agent erreicht.

Error: (05/28/2014 07:25:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 07:25:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Services erreicht.


Microsoft Office Sessions:
=========================
Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5268{A09A7480-7857-402E-BC97-AB1E93C146DD}: -1216

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost5268{A09A7480-7857-402E-BC97-AB1E93C146DD}: -1216C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5268{F35AED6E-4E2F-4A80-AB61-760E48CAC2CB}: -1216

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost5268{F35AED6E-4E2F-4A80-AB61-760E48CAC2CB}: -1216C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5268{5C2052C9-BD63-4B8D-A9F7-35D8C417B952}: -1216

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost5268{5C2052C9-BD63-4B8D-A9F7-35D8C417B952}: -1216C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5268{6CE9F693-21FC-4CFD-8CCF-15AE0D7EA672}: -1216

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost5268{6CE9F693-21FC-4CFD-8CCF-15AE0D7EA672}: -1216C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5268{C4741D01-BF0F-4A56-B42A-D08997062558}: -1216

Error: (05/28/2014 08:24:40 AM) (Source: ESENT) (EventID: 494) (User: )
Description: SettingSyncHost5268{C4741D01-BF0F-4A56-B42A-D08997062558}: -1216C:\Users\kerstin\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb
         

Alt 03.06.2014, 19:22   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.06.2014, 21:08   #6
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



EDIT: Hat sich erledigt...

Hi... erstmal Danke für die Hilfe... ich habe das erste Programm auch runtergeladen... sehe auch das Uninstallerfeld, aber nirgendwo "additional scanresult of farbar recovery tool". Wo finde ich das denn? Ich habe schon die Ansicht geändert, aber auch da finde ich es nicht...

Liebe Grüße
JustJoolez

Geändert von JustJoolez (03.06.2014 um 21:31 Uhr)

Alt 04.06.2014, 18:42   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Schau mal in die Addition.txt von FRST, das Log welches Du gepostet hast.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.06.2014, 21:13   #8
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Hallo... ich war im Urlaub, daher konnte ich die Schritte erst jetzt erledigen.
Hier also die 3 Logs

MBAM
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.06.2014
Suchlauf-Zeit: 22:19:02
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.03.06
Rootkit Datenbank: v2014.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: kerstin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 296631
Verstrichene Zeit: 17 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 12
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [42d0591b5625c86ef3835c27ea178a76], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nshDA29.exe, In Quarantäne, [4dc5551f1c5f72c41c5a285bee13be42], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nsjDE22.exe, In Quarantäne, [44ce571dff7c81b5df9789fa5fa2cc34], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nsoB95F.exe, In Quarantäne, [64ae62127cff280ef185255e9869639d], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nsqB056.exe, In Quarantäne, [080ad3a15526072f9ed8196a09f8fd03], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nsr9BA5.exe, In Quarantäne, [0012047096e540f6f97d4d367a8721df], 
PUP.Optional.BundleInstaller.A, C:\Users\kerstin\AppData\Local\Temp\n3304\s3304.exe, In Quarantäne, [b2601e56c7b496a0d39774d2e31d867a], 
PUP.Optional.Conduit.A, C:\Users\kerstin\AppData\Local\Temp\nsuFBAB\SpSetup.exe, In Quarantäne, [f9190e660576e15593e37e056d94619f], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nss35F6.exe, In Quarantäne, [ed25373d0a7178be383e226153ae1ee2], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsz54F8.exe, In Quarantäne, [937fc8acd5a676c03b3b3b4805fce818], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nshA5A9.exe, In Quarantäne, [35ddcfa5205bde586a0cc0c342bf44bc], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsdC160.exe, In Quarantäne, [16fcfd77c4b7f2440175ed96936e57a9], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Das Log vom ADWCleaner

Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 15/06/2014 um 21:59:50
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : kerstin - VAIO
# Gestartet von : C:\Users\kerstin\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\CluiCkForSale
Ordner Gelöscht : C:\ProgramData\KiangCiouupoN
Ordner Gelöscht : C:\ProgramData\SaverProo
Ordner Gelöscht : C:\ProgramData\weebsaver
Ordner Gelöscht : C:\Program Files (x86)\CluiCkForSale
Ordner Gelöscht : C:\Program Files (x86)\KiangCiouupoN
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\kerstin\Qtrax
Ordner Gelöscht : C:\Users\kerstin\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\kerstin\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\kerstin\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecfmlfgikjdagjikheaahnghjpajaljn
Ordner Gelöscht : C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkfhabhpnkdiiiogbocaoiimogaadgmn
Ordner Gelöscht : C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moieabkfabdhfjlnalkfhdfekmmldnij
Datei Gelöscht : C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys
Datei Gelöscht : C:\Users\kerstin\AppData\Local\Temp\uninstaller.exe
Datei Gelöscht : C:\Users\kerstin\Desktop\Continue VuuPC Installation.lnk
Datei Gelöscht : C:\Users\kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\sycvpt0y.default\user.js
Datei Gelöscht : C:\Users\kerstin\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_de.iminent.com_0.localstorage
Datei Gelöscht : C:\Users\kerstin\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_de.iminent.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CCLiacukForSalee.CCLiacukForSalee
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CCLiacukForSalee.CCLiacukForSalee.1.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\KKinegCoupeon.KKinegCoupeon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\KKinegCoupeon.KKinegCoupeon.1.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02AB1283-7D13-034D-0B9D-0A6E1FB30A23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{650E7FED-4BB2-F649-D3EE-B6565275F1BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3061B3C3-8B7F-4DBD-82DF-0B6CE9AA60E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02AB1283-7D13-034D-0B9D-0A6E1FB30A23}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{650E7FED-4BB2-F649-D3EE-B6565275F1BA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02AB1283-7D13-034D-0B9D-0A6E1FB30A23}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{650E7FED-4BB2-F649-D3EE-B6565275F1BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02AB1283-7D13-034D-0B9D-0A6E1FB30A23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{650E7FED-4BB2-F649-D3EE-B6565275F1BA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{02AB1283-7D13-034D-0B9D-0A6E1FB30A23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{650E7FED-4BB2-F649-D3EE-B6565275F1BA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3061B3C3-8B7F-4DBD-82DF-0B6CE9AA60E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\PerformerSoft
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\PerformerSoft
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\sycvpt0y.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10828 octets] - [15/06/2014 21:58:45]
AdwCleaner[S0].txt - [10328 octets] - [15/06/2014 21:59:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10389 octets] ##########
         
und zu guter Letzt das JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by kerstin on 15.06.2014 at 22:05:13,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\speedtest4354@bestoffers



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.06.2014 at 22:10:02,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Danke schonmal für die Hilfe bisher.

Liebe Grüße
Joolez

Alt 16.06.2014, 21:21   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.06.2014, 16:52   #10
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Hallo...
Also erst einmal das Eset Log, n paar Dinge hat er wohl gefunden...

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3e42f0e965b03a4aa9f24cd177cd515f
# engine=18789
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-19 08:59:06
# local_time=2014-06-19 10:59:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 3623 3584544 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2006328 7602435 0 0
# scanned=113951
# found=0
# cleaned=0
# scan_time=3184
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3e42f0e965b03a4aa9f24cd177cd515f
# engine=18864
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-24 09:16:16
# local_time=2014-06-24 11:16:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 436653 4017574 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2439358 8035465 0 0
# scanned=264114
# found=20
# cleaned=0
# scan_time=7465
sh=3B29C36CCB0FD00A0812896E61D3AE6CE18E5EEE ft=1 fh=5ce1e22016c2ce7d vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQKRQ7OJ\spstub[1].exe"
sh=0CE29E4B3CE1004C7967DAF574BA8D2920782299 ft=1 fh=af37a12746f98a73 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KQ9JF66S\IMinentToolbar[1].exe"
sh=19345C99B036B9D16BC6C8E9273E6A9D8A991CED ft=1 fh=b1884d9b4cdc3f3a vn="Win32/InstallCore.OH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\ICReinstall_nsg50E5.tmp"
sh=7F2FBB64964CCE38EBE53466F34879D6D2C7B155 ft=1 fh=fa7a9dbc4cdc3f3a vn="Win32/InstallCore.OH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\ICReinstall_nsw801B.tmp"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is-23477.tmp\OptProCrash.dll"
sh=605151B2EABB71AD5FA81E7513A43A0201AE8CAF ft=1 fh=48be24d62ce083a1 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is45637729\110454_stp\AnyProtectScannerSetup.exe"
sh=605151B2EABB71AD5FA81E7513A43A0201AE8CAF ft=1 fh=48be24d62ce083a1 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is45637729\1928221_stp\AnyProtectScannerSetup.exe"
sh=6188F31D1B1EFA1A21997F3854785714A3C37854 ft=1 fh=2c091a6f68923958 vn="Win32/VOPackage.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\n3304\VOPackage.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\{8A4E0350-43E9-4570-9413-E5ECC9C0AAEB}\setup.exe"
sh=1B2983DD978DB886263B1740E4C7E0CA1CEF88C4 ft=1 fh=29f8994b325a4b60 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Setup.exe"
sh=D7C486D5ECD6233D2D2F3610C6EF4847A478BFC2 ft=1 fh=38ca62b6cbb313d4 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\ccp.exe"
sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\CrxInstaller.dll"
sh=EE7646E9A9ECD2FA138A5EE732368D3785E060B2 ft=1 fh=a9e6d2fee3def72a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\IEHelper.dll"
sh=B7BCAF66B2BB0CA2EE89D16A94A4D4C4BB1CE025 ft=1 fh=9dabbe262182f2d2 vn="Variante von Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\MntrDLLInstall.dll"
sh=BCD82DF66056063F8B2BEBC62A31ADACDAD38796 ft=1 fh=615817bbaca864be vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\MyDeltaTB.exe"
sh=3097FBB717307A1E94B7B5A245A5BA611150A5B6 ft=1 fh=ca740bd1568f76eb vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\Setup.exe"
sh=AE0BF6A9D8E66B04214FEBB5BF4B086E8AA34498 ft=1 fh=502ed3b2eef6754b vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\~nsu.tmp\Au_.exe"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\BabSolution\Shared\BabMaint.exe"
sh=E2BA5F8A7BD2BAF32FF31730BAD873C8E7957030 ft=1 fh=6e8622963c31f56a vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\BabSolution\Shared\BUSolution.dll"
sh=3974AF6435D0019AA8C84BE925611F9287976CC4 ft=1 fh=8821c6c28bcd590e vn="MSIL/WebCake.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\WebCake\WebCakeDesktop.exe"
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3e42f0e965b03a4aa9f24cd177cd515f
# engine=18873
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-25 02:56:53
# local_time=2014-06-25 04:56:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 500290 4081211 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2502995 8099102 0 0
# scanned=264069
# found=20
# cleaned=0
# scan_time=14713
sh=3B29C36CCB0FD00A0812896E61D3AE6CE18E5EEE ft=1 fh=5ce1e22016c2ce7d vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQKRQ7OJ\spstub[1].exe"
sh=0CE29E4B3CE1004C7967DAF574BA8D2920782299 ft=1 fh=af37a12746f98a73 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KQ9JF66S\IMinentToolbar[1].exe"
sh=19345C99B036B9D16BC6C8E9273E6A9D8A991CED ft=1 fh=b1884d9b4cdc3f3a vn="Win32/InstallCore.OH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\ICReinstall_nsg50E5.tmp"
sh=7F2FBB64964CCE38EBE53466F34879D6D2C7B155 ft=1 fh=fa7a9dbc4cdc3f3a vn="Win32/InstallCore.OH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\ICReinstall_nsw801B.tmp"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is-23477.tmp\OptProCrash.dll"
sh=605151B2EABB71AD5FA81E7513A43A0201AE8CAF ft=1 fh=48be24d62ce083a1 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is45637729\110454_stp\AnyProtectScannerSetup.exe"
sh=605151B2EABB71AD5FA81E7513A43A0201AE8CAF ft=1 fh=48be24d62ce083a1 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\is45637729\1928221_stp\AnyProtectScannerSetup.exe"
sh=6188F31D1B1EFA1A21997F3854785714A3C37854 ft=1 fh=2c091a6f68923958 vn="Win32/VOPackage.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\n3304\VOPackage.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\kerstin\AppData\Local\Temp\{8A4E0350-43E9-4570-9413-E5ECC9C0AAEB}\setup.exe"
sh=1B2983DD978DB886263B1740E4C7E0CA1CEF88C4 ft=1 fh=29f8994b325a4b60 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Setup.exe"
sh=D7C486D5ECD6233D2D2F3610C6EF4847A478BFC2 ft=1 fh=38ca62b6cbb313d4 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\ccp.exe"
sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\CrxInstaller.dll"
sh=EE7646E9A9ECD2FA138A5EE732368D3785E060B2 ft=1 fh=a9e6d2fee3def72a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\IEHelper.dll"
sh=B7BCAF66B2BB0CA2EE89D16A94A4D4C4BB1CE025 ft=1 fh=9dabbe262182f2d2 vn="Variante von Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\MntrDLLInstall.dll"
sh=BCD82DF66056063F8B2BEBC62A31ADACDAD38796 ft=1 fh=615817bbaca864be vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\MyDeltaTB.exe"
sh=3097FBB717307A1E94B7B5A245A5BA611150A5B6 ft=1 fh=ca740bd1568f76eb vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\4CBD7A27-BAB0-7891-BAF6-7E923A785611\Latest\Setup.exe"
sh=AE0BF6A9D8E66B04214FEBB5BF4B086E8AA34498 ft=1 fh=502ed3b2eef6754b vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Local\Temp\~nsu.tmp\Au_.exe"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\BabSolution\Shared\BabMaint.exe"
sh=E2BA5F8A7BD2BAF32FF31730BAD873C8E7957030 ft=1 fh=6e8622963c31f56a vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\BabSolution\Shared\BUSolution.dll"
sh=3974AF6435D0019AA8C84BE925611F9287976CC4 ft=1 fh=8821c6c28bcd590e vn="MSIL/WebCake.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\kerstin\AppData\Roaming\WebCake\WebCakeDesktop.exe"
         
Das CheckupLog:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop                         
McAfee  Anti-Virus und Anti-Spyware   
Windows Defender                      
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 9  
 Java version out of Date! 
 Adobe Flash Player 	14.0.0.125  
 Adobe Reader XI  
 Mozilla Firefox (30.0) 
 Mozilla Thunderbird (24.4.0) 
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Hier das FRST Log:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by kerstin (administrator) on VAIO on 25-06-2014 17:36:44
Running from C:\Users\kerstin\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {7b6b7b5f-94bd-11e2-be73-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {7b6b7cc4-94bd-11e2-be73-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e72f-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e7d9-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {b4a3e862-c4b8-11e3-be95-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {dabeb57d-c706-11e3-be96-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2506654650-796066991-677667921-1001\...\MountPoints2: {dabeb5aa-c706-11e3-be96-a41731dab326} - "E:\.\Setup.exe" AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {356F967B-C0DB-413A-9722-2161E8C8B573} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
SearchScopes: HKCU - {EF4931A1-F27D-4C98-80B4-EA0E228736DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\sycvpt0y.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-01-09]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-25]
CHR Extension: (Google Drive) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-25]
CHR Extension: (No Name) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bglgepiolghndacjbjadadjnkgfgehcd [2014-02-12]
CHR Extension: (YouTube) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-25]
CHR Extension: (Google Search) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-25]
CHR Extension: (No Name) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecfmlfgikjdagjikheaahnghjpajaljn [2014-05-24]
CHR Extension: (No Name) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkfhabhpnkdiiiogbocaoiimogaadgmn [2014-01-27]
CHR Extension: (No Name) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moieabkfabdhfjlnalkfhdfekmmldnij [2014-03-18]
CHR Extension: (Google Wallet) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (sAveoRon) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcpimhcgagmbgbefciohdhljehmnalp [2014-02-15]
CHR Extension: (Gmail) - C:\Users\kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2014-04-18] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2014-04-17] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-25 17:33 - 2014-06-25 17:33 - 00854367 _____ () C:\Users\kerstin\Downloads\SecurityCheck.exe
2014-06-24 22:08 - 2014-06-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 22:32 - 2014-06-19 22:32 - 01057176 _____ (Adobe) C:\Users\kerstin\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe
2014-06-19 22:32 - 2014-06-19 22:32 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Macromedia
2014-06-19 22:30 - 2014-06-25 17:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-19 22:30 - 2014-06-19 22:30 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 22:02 - 2014-06-19 22:02 - 02347384 _____ (ESET) C:\Users\kerstin\Downloads\esetsmartinstaller_deu.exe
2014-06-19 21:58 - 2014-06-25 17:35 - 00000000 ____D () C:\Users\kerstin\Downloads\FRST-OlderVersion
2014-06-15 22:10 - 2014-06-15 22:10 - 00000755 _____ () C:\Users\kerstin\Desktop\JRT.txt
2014-06-15 22:05 - 2014-06-15 22:05 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 22:04 - 2014-06-15 22:04 - 01016261 _____ (Thisisu) C:\Users\kerstin\Downloads\JRT.exe
2014-06-15 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 21:58 - 2014-06-15 21:59 - 00000000 ____D () C:\AdwCleaner
2014-06-15 21:58 - 2014-06-15 21:58 - 01333465 _____ () C:\Users\kerstin\Downloads\adwcleaner_3.212.exe
2014-06-15 21:57 - 2014-06-15 21:57 - 00002566 _____ () C:\Users\kerstin\Desktop\mbam.txt
2014-06-15 21:56 - 2014-06-15 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-15 21:56 - 2014-06-15 21:56 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-03 22:37 - 2014-06-03 22:37 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\gncqmakw.sys
2014-06-03 21:58 - 2014-06-03 21:58 - 00001264 _____ () C:\Users\kerstin\Desktop\Revo Uninstaller.lnk
2014-06-03 21:58 - 2014-06-03 21:58 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-03 21:57 - 2014-06-03 21:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kerstin\Downloads\revosetup95.exe
2014-06-03 21:56 - 2014-06-03 21:56 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-28 09:28 - 2014-05-28 09:28 - 00279640 _____ () C:\Windows\Minidump\052814-25140-01.dmp
2014-05-28 08:37 - 2014-05-28 08:37 - 00007137 _____ () C:\Users\kerstin\Desktop\gmer.txt
2014-05-28 08:31 - 2014-05-28 08:31 - 00380416 _____ () C:\Users\kerstin\Downloads\Gmer-19357.exe
2014-05-28 08:30 - 2014-05-28 08:31 - 00034612 _____ () C:\Users\kerstin\Downloads\Addition.txt
2014-05-28 08:29 - 2014-06-25 17:36 - 00020869 _____ () C:\Users\kerstin\Downloads\FRST.txt
2014-05-28 08:29 - 2014-06-25 17:36 - 00000000 ____D () C:\FRST
2014-05-28 08:29 - 2014-06-25 17:35 - 02082816 _____ (Farbar) C:\Users\kerstin\Downloads\FRST64.exe
2014-05-28 08:28 - 2014-05-28 08:28 - 00000476 _____ () C:\Users\kerstin\Downloads\defogger_disable.log
2014-05-28 08:28 - 2014-05-28 08:28 - 00000000 _____ () C:\Users\kerstin\defogger_reenable
2014-05-28 08:27 - 2014-05-28 08:27 - 00050477 _____ () C:\Users\kerstin\Downloads\Defogger.exe
2014-05-28 07:57 - 2014-06-25 17:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 07:57 - 2014-05-28 07:57 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 07:57 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 07:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 07:56 - 2014-05-28 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kerstin\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 03673664 _____ (Piriform Ltd) C:\Users\kerstin\Downloads\ccsetup414_slim.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-28 07:31 - 2014-05-28 07:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-27 18:10 - 2014-05-27 18:10 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Mozilla
2014-05-27 18:08 - 2014-05-27 18:08 - 00283144 _____ (Mozilla) C:\Users\kerstin\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-27 17:40 - 2014-05-27 17:40 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Avira
2014-05-27 17:39 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-27 17:39 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-27 17:39 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-27 17:36 - 2014-05-27 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-27 17:36 - 2014-05-27 17:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 17:36 - 2014-05-27 17:36 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-27 17:35 - 2014-05-27 17:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 17:35 - 2014-05-27 17:35 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\kerstin\Downloads\avira_de_av_4000461663__ws.exe
2014-05-27 17:35 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-27 17:32 - 2014-05-27 17:32 - 00003402 _____ () C:\Windows\System32\Tasks\{CC799F03-888A-48DF-B208-788F6A14DAE5}
2014-05-27 17:27 - 2014-05-27 17:27 - 00000000 ____D () C:\Program Files (x86)\DaoocSCoonvoErtteer
2014-05-26 16:43 - 2014-06-15 21:56 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-05-26 16:43 - 2014-06-15 21:56 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-05-26 16:43 - 2014-05-26 16:43 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-26 16:37 - 2014-05-28 08:16 - 00000000 ____D () C:\temp
2014-05-26 11:26 - 2014-05-26 11:26 - 00279584 _____ () C:\Windows\Minidump\052614-64640-01.dmp
2014-05-26 11:24 - 2014-05-26 11:24 - 00000000 __SHD () C:\found.002
2014-05-26 08:46 - 2014-06-03 22:12 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\FreePDFReader
2014-05-26 08:45 - 2014-05-26 08:46 - 00000000 ____D () C:\Program Files (x86)\FreePDFReader

==================== One Month Modified Files and Folders =======

2014-06-25 17:37 - 2014-05-28 08:29 - 00020869 _____ () C:\Users\kerstin\Downloads\FRST.txt
2014-06-25 17:36 - 2014-05-28 08:29 - 00000000 ____D () C:\FRST
2014-06-25 17:35 - 2014-06-19 21:58 - 00000000 ____D () C:\Users\kerstin\Downloads\FRST-OlderVersion
2014-06-25 17:35 - 2014-05-28 08:29 - 02082816 _____ (Farbar) C:\Users\kerstin\Downloads\FRST64.exe
2014-06-25 17:33 - 2014-06-25 17:33 - 00854367 _____ () C:\Users\kerstin\Downloads\SecurityCheck.exe
2014-06-25 17:32 - 2014-05-28 07:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 17:30 - 2014-06-19 22:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-25 17:09 - 2013-01-09 02:00 - 01533371 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 17:05 - 2013-08-18 20:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-25 17:00 - 2013-07-08 17:26 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-25 17:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-25 16:59 - 2013-07-07 09:42 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2506654650-796066991-677667921-1001
2014-06-25 16:54 - 2013-07-25 15:39 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 13:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\tracing
2014-06-25 12:49 - 2014-03-27 09:46 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F0AAB-17A9-4111-A221-1345BA5E1119}
2014-06-25 12:47 - 2013-07-07 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-25 12:46 - 2013-07-25 15:39 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-24 23:16 - 2013-07-07 09:21 - 00000000 ____D () C:\Users\kerstin\AppData\Local\VirtualStore
2014-06-24 22:08 - 2014-06-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-24 21:10 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-24 21:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-24 21:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-19 22:32 - 2014-06-19 22:32 - 01057176 _____ (Adobe) C:\Users\kerstin\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe
2014-06-19 22:32 - 2014-06-19 22:32 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Macromedia
2014-06-19 22:30 - 2014-06-19 22:30 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 22:02 - 2014-06-19 22:02 - 02347384 _____ (ESET) C:\Users\kerstin\Downloads\esetsmartinstaller_deu.exe
2014-06-15 22:15 - 2013-01-09 02:30 - 00000000 ____D () C:\ProgramData\MOCP
2014-06-15 22:10 - 2014-06-15 22:10 - 00000755 _____ () C:\Users\kerstin\Desktop\JRT.txt
2014-06-15 22:05 - 2014-06-15 22:05 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 22:04 - 2014-06-15 22:04 - 01016261 _____ (Thisisu) C:\Users\kerstin\Downloads\JRT.exe
2014-06-15 22:01 - 2014-04-18 16:10 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-15 22:01 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 22:00 - 2012-08-03 04:22 - 00150142 _____ () C:\Windows\PFRO.log
2014-06-15 22:00 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-15 21:59 - 2014-06-15 21:58 - 00000000 ____D () C:\AdwCleaner
2014-06-15 21:59 - 2013-07-07 08:58 - 00000000 ____D () C:\Users\kerstin
2014-06-15 21:58 - 2014-06-15 21:58 - 01333465 _____ () C:\Users\kerstin\Downloads\adwcleaner_3.212.exe
2014-06-15 21:57 - 2014-06-15 21:57 - 00002566 _____ () C:\Users\kerstin\Desktop\mbam.txt
2014-06-15 21:56 - 2014-06-15 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-15 21:56 - 2014-06-15 21:56 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-15 21:56 - 2014-05-26 16:43 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 21:56 - 2014-05-26 16:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-03 22:37 - 2014-06-03 22:37 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\gncqmakw.sys
2014-06-03 22:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Web
2014-06-03 22:14 - 2014-02-15 22:48 - 00000000 ____D () C:\ProgramData\sAveoRon
2014-06-03 22:12 - 2014-05-26 08:46 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\FreePDFReader
2014-06-03 21:58 - 2014-06-03 21:58 - 00001264 _____ () C:\Users\kerstin\Desktop\Revo Uninstaller.lnk
2014-06-03 21:58 - 2014-06-03 21:58 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-03 21:57 - 2014-06-03 21:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kerstin\Downloads\revosetup95.exe
2014-06-03 21:56 - 2014-06-03 21:56 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-30 19:47 - 2013-09-15 21:52 - 00007680 ___SH () C:\Users\kerstin\Thumbs.db
2014-05-28 09:28 - 2014-05-28 09:28 - 00279640 _____ () C:\Windows\Minidump\052814-25140-01.dmp
2014-05-28 09:28 - 2013-09-24 20:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 09:28 - 2013-09-18 13:30 - 536517532 _____ () C:\Windows\MEMORY.DMP
2014-05-28 08:37 - 2014-05-28 08:37 - 00007137 _____ () C:\Users\kerstin\Desktop\gmer.txt
2014-05-28 08:31 - 2014-05-28 08:31 - 00380416 _____ () C:\Users\kerstin\Downloads\Gmer-19357.exe
2014-05-28 08:31 - 2014-05-28 08:30 - 00034612 _____ () C:\Users\kerstin\Downloads\Addition.txt
2014-05-28 08:28 - 2014-05-28 08:28 - 00000476 _____ () C:\Users\kerstin\Downloads\defogger_disable.log
2014-05-28 08:28 - 2014-05-28 08:28 - 00000000 _____ () C:\Users\kerstin\defogger_reenable
2014-05-28 08:27 - 2014-05-28 08:27 - 00050477 _____ () C:\Users\kerstin\Downloads\Defogger.exe
2014-05-28 08:16 - 2014-05-26 16:37 - 00000000 ____D () C:\temp
2014-05-28 07:57 - 2014-05-28 07:57 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 07:57 - 2014-05-28 07:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-28 07:56 - 2014-05-28 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kerstin\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 03673664 _____ (Piriform Ltd) C:\Users\kerstin\Downloads\ccsetup414_slim.exe
2014-05-28 07:31 - 2014-05-28 07:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-28 07:31 - 2014-05-28 07:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-28 07:31 - 2014-05-28 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-27 20:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-27 18:10 - 2014-05-27 18:10 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-27 18:10 - 2014-05-27 18:10 - 00000000 ____D () C:\Users\kerstin\AppData\Local\Mozilla
2014-05-27 18:08 - 2014-05-27 18:08 - 00283144 _____ (Mozilla) C:\Users\kerstin\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-27 18:07 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-05-27 17:44 - 2014-02-03 20:34 - 00000000 ____D () C:\ProgramData\DaoocSCoonvoErtteer
2014-05-27 17:40 - 2014-05-27 17:40 - 00000000 ____D () C:\Users\kerstin\AppData\Roaming\Avira
2014-05-27 17:39 - 2014-05-27 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-27 17:39 - 2014-05-27 17:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 17:39 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 17:36 - 2014-05-27 17:36 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-27 17:35 - 2014-05-27 17:35 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\kerstin\Downloads\avira_de_av_4000461663__ws.exe
2014-05-27 17:35 - 2014-05-27 17:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-27 17:32 - 2014-05-27 17:32 - 00003402 _____ () C:\Windows\System32\Tasks\{CC799F03-888A-48DF-B208-788F6A14DAE5}
2014-05-27 17:31 - 2013-07-30 11:03 - 00000000 ____D () C:\Users\kerstin\AppData\Local\CrashDumps
2014-05-27 17:30 - 2013-01-09 01:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 17:30 - 2013-01-09 01:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 17:30 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 17:27 - 2014-05-27 17:27 - 00000000 ____D () C:\Program Files (x86)\DaoocSCoonvoErtteer
2014-05-27 17:26 - 2014-01-27 21:37 - 00000000 ____D () C:\ProgramData\a130b489b9c6817
2014-05-27 14:34 - 2014-05-04 19:16 - 00000463 _____ () C:\Users\kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-05-27 11:46 - 2013-06-06 19:02 - 00014336 ___SH () C:\Users\kerstin\Downloads\Thumbs.db
2014-05-26 16:43 - 2014-05-26 16:43 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-26 16:43 - 2013-01-09 02:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-26 16:42 - 2013-01-09 02:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-26 11:26 - 2014-05-26 11:26 - 00279584 _____ () C:\Windows\Minidump\052614-64640-01.dmp
2014-05-26 11:24 - 2014-05-26 11:24 - 00000000 __SHD () C:\found.002
2014-05-26 08:46 - 2014-05-26 08:45 - 00000000 ____D () C:\Program Files (x86)\FreePDFReader
2014-05-26 08:35 - 2013-01-09 02:26 - 00000000 ____D () C:\ProgramData\Temp

Some content of TEMP:
====================
C:\Users\kerstin\AppData\Local\Temp\avgnt.exe
C:\Users\kerstin\AppData\Local\Temp\BackupSetup.exe
C:\Users\kerstin\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\kerstin\AppData\Local\Temp\mfc80.dll
C:\Users\kerstin\AppData\Local\Temp\mfc80u.dll
C:\Users\kerstin\AppData\Local\Temp\mfcm80.dll
C:\Users\kerstin\AppData\Local\Temp\mfcm80u.dll
C:\Users\kerstin\AppData\Local\Temp\msvcm80.dll
C:\Users\kerstin\AppData\Local\Temp\msvcp80.dll
C:\Users\kerstin\AppData\Local\Temp\msvcr80.dll
C:\Users\kerstin\AppData\Local\Temp\OSU.exe
C:\Users\kerstin\AppData\Local\Temp\Quarantine.exe
C:\Users\kerstin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\kerstin\AppData\Local\Temp\VersionUpdater.exe
C:\Users\kerstin\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\kerstin\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\kerstin\AppData\Local\Temp\WtgZip.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-25 16:59

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Nochmal Danke für die tolle Hilfe!!!!!

Liebe Grüße
Joolez

Alt 26.06.2014, 15:04   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Java updaten.

Ordner Windows.old löschen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.06.2014, 17:49   #12
JustJoolez
 
Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Danke für die tolle Hilfe!!!! Thread kann geschlossen werden :-)

Alt 27.06.2014, 11:24   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Standard

Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)
c:\windows\system32\roboot64.exe, ccsetup, conduit.search, conduit.search entfernen, continue, geht nicht mehr, install.exe, internet explorer, msil/webcake.b, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.multiie.a, speedtest, vcredist, win32/anyprotect.d, win32/conduit.searchprotect.n, win32/installcore.oh, win32/sprotector.e, win32/toolbar.babylon.e, win32/toolbar.babylon.h, win32/toolbar.babylon.i, win32/toolbar.babylon.m, win32/toolbar.babylon.p, win32/toolbar.babylon.u, win32/toolbar.babylon.v, win32/toolbar.montiera.b, win32/toolbar.montiera.i, win32/vopackage.j



Ähnliche Themen: Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)


  1. Programme lassen sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 17.04.2015 (11)
  2. Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen
    Antiviren-, Firewall- und andere Schutzprogramme - 23.03.2015 (10)
  3. Programme lassen sich nicht mehr über Systemsteuerung löschen
    Log-Analyse und Auswertung - 09.12.2013 (19)
  4. Programme lassen sich nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (29)
  5. alte Programme lassen sich nach Upgrade von XP auf Win7 prof. nicht löschen
    Alles rund um Windows - 31.08.2012 (2)
  6. Programme lassen sich nicht mehr öffnen -> löschen sich bei Öffnungsversuch
    Plagegeister aller Art und deren Bekämpfung - 01.12.2011 (29)
  7. Programme lassen sich nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 19.08.2011 (6)
  8. Installierte Programme lassen sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (7)
  9. Programme (u.a. Antvir) lassen sich nicht mehr aktualisieren !
    Log-Analyse und Auswertung - 26.04.2010 (8)
  10. MS Office Programme lassen sich nicht mehr starten
    Alles rund um Windows - 31.01.2010 (9)
  11. Programme lassen sich gar nicht mehr/umständlich öffnen
    Mülltonne - 02.12.2007 (1)
  12. Dateien lassen sich nicht mehr löschen
    Alles rund um Windows - 02.12.2007 (14)
  13. Dateien lassen sich nicht mehr löschen
    Mülltonne - 30.11.2007 (1)
  14. Programme verschwinden / lassen sich nicht mehr starten
    Log-Analyse und Auswertung - 15.06.2007 (1)
  15. programme lassen sich nicht mehr öffnen
    Log-Analyse und Auswertung - 08.06.2006 (3)
  16. Nach kurzen Internetbesuch lassen sich diverse Programme nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 28.09.2005 (2)
  17. bestimmte Programme lassen sich nicht mehr öffne u.a..
    Plagegeister aller Art und deren Bekämpfung - 02.07.2005 (2)

Zum Thema Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) - Hallo alle zusammen, meine Tante hat mir ihren Laptop vorbeigebracht mit der Aussage "der geht nicht mehr so richtig." Direkt nach dem hochfahren kam eine Popupfenster "4600 Fehler gefunden. Klicken - Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr)...
Archiv
Du betrachtest: Diverse Programme lassen sich nicht löschen (PCPerformer, Speedtest und mehr) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.