Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Automatische Lastschrift konnte nicht geöffnet werden!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.10.2014, 22:55   #1
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Icon23

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo,
ich glaube, ich habe großen Mist gebaut...
Habe heute aus Schreck einfach den Anhang gespeichert und geöffnet, wirklich aufmachen ließ es sich nicht... und das er von Facebook stammen sollte kam mir dann leider erst hinterher komisch vor.
Als ich danach die gespeicherte Datei durch Avira jagte, kam raus das es Trojaner sind, wurde von Avira gleich in Quarantäne verschoben. Eine weitere Suche ergab keinen Fund.
TR/Matsnu.A.216

Hat mein Laptop noch Hoffnungen???

Geändert von sedafrost (01.10.2014 um 23:06 Uhr)

Alt 01.10.2014, 23:13   #2
Bootsektor
/// TB-Ausbilder
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Lass uns mal nachschauen, was da so los ist
Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.10.2014, 00:17   #3
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo Sandra, danke für die schnelle Antwort, ich hoffe ich mache das richtig.
FRST.txt
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by Cansel (administrator) on CANSEL-VAIO on 02-10-2014 01:07:19
Running from C:\Users\Cansel\Downloads
Loaded Profile: Cansel (Available profiles: Cansel)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [Mobile Connection Manager] => C:\Program Files (x86)\o2\Mobile Connection Manager\emmsn.exe [3761592 2010-03-25] (Telefónica I+D)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190df-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190ea-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49198;https=127.0.0.1:49198
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=ce9f6894-7778-99d9-1cbd-670e6851aca3&searchtype=ds&q={searchTerms}&installDate=16/08/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=ce9f6894-7778-99d9-1cbd-670e6851aca3&searchtype=ds&q={searchTerms}&installDate=16/08/2013
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {11111111-1111-1111-1111-110311301136} ->  No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default
FF Homepage: hxxp://www.google.com
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Cansel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-2.2c - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-09-01]
FF Extension: toolplugin - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\Extensions\welcome@toolmin.com [2012-02-12]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-11-18]
FF Extension: 1ClickMovie Downloader - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\Extensions\clickMvd@clickMvd.com.xpi [2013-06-26]
FF Extension: Movie2kDownloader - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-08-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-17]

Chrome: 
=======
CHR Profile: C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-10]
CHR Extension: (No Name) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-10]
CHR Extension: (Google Search) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-10]
CHR Extension: (Google Wallet) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (Gmail) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-10]
CHR HKLM-x32\...\Chrome\Extension: [hpomcmndppalndoljdilmfkkjkcnongl] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118056 2014-06-09] (Elex do Brasil Participações Ltda)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-08-07] (Samsung Electronics Co., Ltd.) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [194048 2010-03-08] (Telefónica I+D) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2013-02-12] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2013-02-12] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-28] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [232960 2014-06-09] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [66048 2014-06-09] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [48640 2014-06-09] (Elex do Brasil Participações Ltda)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 iSafeKrnlBoot; \??\system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 01:07 - 2014-10-02 01:08 - 00024422 _____ () C:\Users\Cansel\Downloads\FRST.txt
2014-10-02 01:06 - 2014-10-02 01:07 - 00000000 ___DC () C:\FRST
2014-10-02 01:04 - 2014-10-02 01:04 - 02108928 _____ (Farbar) C:\Users\Cansel\Downloads\FRST64.exe
2014-10-01 23:15 - 2014-10-01 23:15 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-01 23:14 - 2014-10-01 23:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
2014-10-01 21:52 - 2014-10-01 21:52 - 00122064 _____ () C:\Users\Cansel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 21:43 - 2014-10-01 21:43 - 02347384 _____ (ESET) C:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe
2014-10-01 21:43 - 2014-10-01 21:43 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-01 21:37 - 2014-10-01 21:37 - 00023793 _____ () C:\Users\Cansel\Downloads\Addition.txt
2014-09-25 20:47 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-25 20:47 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-23 15:49 - 2014-09-23 15:49 - 00000000 ___DC () C:\ab3649312632ab9b2e1875c0
2014-09-16 17:26 - 2014-09-16 17:26 - 00000000 ___DC () C:\eb6be553422695051bf75c63
2014-09-16 17:24 - 2014-10-02 00:40 - 00000000 ____D () C:\Program Files (x86)\RocketTab
2014-09-16 17:24 - 2014-09-16 17:24 - 00004148 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-09-16 17:24 - 2014-09-16 17:24 - 00003362 _____ () C:\Windows\System32\Tasks\RocketTab
2014-09-10 19:51 - 2014-09-23 15:47 - 00000000 ____D () C:\Users\Cansel\Documents\Scan
2014-09-10 10:10 - 2014-09-05 04:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:10 - 2014-09-05 03:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 10:17 - 2014-09-03 10:17 - 00002204 _____ () C:\Users\Cansel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-09-02 19:51 - 2014-09-25 20:48 - 00000000 ___DC () C:\Program Files\SAMSUNG
2014-09-02 18:53 - 2014-10-02 01:07 - 00000000 ____D () C:\Users\Cansel\Documents\Outlook-Dateien
2014-09-02 18:50 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-09-02 18:49 - 2014-09-02 18:50 - 00001973 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-09-02 18:24 - 2014-09-02 18:25 - 39279648 _____ (Samsung Electronics Co., Ltd.) C:\Users\Cansel\Downloads\Kies3Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 01:06 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 01:06 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 00:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-02 00:44 - 2011-02-07 22:16 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{15D7B2EE-0195-4275-86F7-1C2AD8E6FB3C}
2014-10-02 00:16 - 2013-09-10 22:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 00:15 - 2012-07-28 14:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 23:26 - 2011-09-22 09:39 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job
2014-10-01 21:52 - 2014-01-03 21:29 - 00000000 ____D () C:\Users\Cansel\AppData\Roaming\iSafe
2014-10-01 20:03 - 2013-07-26 14:03 - 00001200 _____ () C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
2014-10-01 20:03 - 2013-07-26 14:03 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-2.2-updater.job
2014-10-01 20:03 - 2013-07-26 14:03 - 00001100 _____ () C:\Windows\Tasks\Plus-HD-2.2-enabler.job
2014-10-01 20:02 - 2013-07-26 14:02 - 00001908 _____ () C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
2014-10-01 20:02 - 2013-07-26 14:02 - 00001832 _____ () C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
2014-10-01 19:17 - 2014-01-04 02:24 - 00000000 ___RD () C:\Users\Cansel\Desktop\Systemwartung&Sicherheit
2014-10-01 19:16 - 2013-09-10 22:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 17:19 - 2013-09-28 01:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-10-01 15:54 - 2011-02-07 22:10 - 01377488 ____N () C:\Windows\WindowsUpdate.log
2014-10-01 15:31 - 2011-09-22 09:39 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job
2014-09-28 22:41 - 2014-01-04 00:36 - 00000396 _____ () C:\Windows\Tasks\SpyHunter4.job
2014-09-25 23:53 - 2014-01-03 21:29 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-09-25 20:50 - 2013-01-09 03:38 - 00000000 ____D () C:\Users\Cansel\Documents\SelfMV
2014-09-25 15:15 - 2012-07-28 14:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 15:15 - 2012-07-28 14:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 15:15 - 2012-07-28 14:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 15:14 - 2010-11-25 13:23 - 00000000 ____D () C:\Temp
2014-09-25 15:07 - 2013-11-04 21:21 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 14:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 17:31 - 2011-02-07 22:11 - 00000000 ____D () C:\Users\Cansel
2014-09-19 12:53 - 2011-10-06 15:39 - 00000000 ____D () C:\Users\Cansel\AppData\Roaming\SoftGrid Client
2014-09-16 22:00 - 2010-11-25 21:39 - 00703338 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 22:00 - 2010-11-25 21:39 - 00152228 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 22:00 - 2009-07-14 07:13 - 00006734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 21:06 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 17:04 - 2011-07-27 16:44 - 01595628 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 09:06 - 2011-07-29 00:38 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 20:40 - 2014-08-14 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 20:29 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:21 - 2011-02-15 01:37 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-03 10:19 - 2011-02-07 22:13 - 00000000 ____D () C:\Users\Cansel\Documents\Bluetooth-Exchange-Ordner
2014-09-02 18:54 - 2013-01-09 02:37 - 00000000 ____D () C:\Users\Cansel\Documents\samsung
2014-09-02 18:53 - 2013-11-04 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-02 18:50 - 2013-01-09 02:30 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-02 18:50 - 2013-01-09 02:18 - 00000000 ____D () C:\Users\Cansel\AppData\Local\Downloaded Installations
2014-09-02 18:49 - 2013-01-09 02:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-02 18:48 - 2013-01-09 02:37 - 00000000 ____D () C:\Users\Cansel\AppData\Roaming\Samsung
2014-09-02 18:48 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Some content of TEMP:
====================
C:\Users\Cansel\AppData\Local\Temp\SHSetup.exe
C:\Users\Cansel\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 20:06

==================== End Of Log ============================
         
--- --- ---
Addition.txtFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Cansel at 2014-10-02 01:08:26
Running from C:\Users\Cansel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0.1 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help English (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help French (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help German (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0920.2143.37117 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.804 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version:  - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.29.40 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayMemories Home Plug-in (Version: 2.0.00.14170 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data (x32 Version: 1.0.00.16130 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program (x32 Version: 2.2.00.18250 - Sony Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.06 (07.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.63.01(09.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.32 (17.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.02 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version: 1.20 (09.10.2012) - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO - PlayMemories Home Plug-in (HKLM-x32\...\InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}) (Version: 2.2.00.18250 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WEB.DE MailCheck für Google Chrome (HKLM-x32\...\1&1 Mail & Media WEB.DE MailCheck GC) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
YAC (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

22-09-2014 01:00:11 Windows Update
23-09-2014 01:00:11 Windows Update
23-09-2014 13:49:04 Windows Update
24-09-2014 00:38:38 Windows Update
26-09-2014 16:23:19 Windows Update
27-09-2014 01:00:11 Windows Update
28-09-2014 13:23:31 Windows Update
29-09-2014 20:09:17 Windows Update
30-09-2014 08:25:08 Windows Update
01-10-2014 13:20:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D3E67A-B396-43B0-9728-8BDFECFECEB4} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0F8DA4E8-785B-4809-B31C-9B17496526C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {100CB707-86B1-45CF-A6C3-7CEAB9E22ACB} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {128E56CE-968B-4EDB-97C7-7DF92718D126} - System32\Tasks\Plus-HD-2.2-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe
Task: {1521D2C6-C63E-4328-B298-19061A2D677F} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {17372719-463A-45CF-B526-4F01A6EA3730} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1BA1B0E5-AB64-4C9E-BF73-B9F00FDC9110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {1F34C96E-8381-470F-BF4F-48D17FE2167A} - System32\Tasks\Plus-HD-2.2-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe
Task: {267FA4A5-F1A7-400F-B041-0F1C46F2CA76} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {29FAF33E-A2B7-47FC-845C-FB8286E00064} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {33E18BE4-41AD-4884-BAB2-50C2E41D346F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {3B90C3F9-7DB6-4F84-A8D0-DCAA68DF3854} - System32\Tasks\RocketTab => C:\Windows\system32\cmd.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {3BF8FF31-BD3F-4DA8-9DA9-943B5D130D58} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {40CB970A-4B36-4C75-9BD3-468D8709C968} - System32\Tasks\Plus-HD-2.2-updater => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe
Task: {42F5F7A7-00E8-45A6-A188-5BB1F6EFBD02} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {43896CBE-3C15-4E88-877A-57FB0F40CAD6} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {45B730D0-B703-456E-9E7D-ED0F3BB1E232} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {4CC17B2C-C4E0-4424-86A9-87E7A79B0D76} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {526087BF-22C0-4FCF-8DE0-96E74F381910} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {55ABACCD-8621-4290-A0F2-C266CA16FCBD} - System32\Tasks\Plus-HD-2.2-codedownloader => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe
Task: {58EC0125-BBCC-4FE9-AA0D-8B238BEDF0AC} - System32\Tasks\{6493F0D8-4001-4D43-9FE0-73FE9E790208} => E:\pcconfig.exe
Task: {5A98846C-8E5F-4961-96A4-3A8E5F72E46A} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {62CEEE0E-0E12-4342-854C-B83514436072} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {68022D17-C867-4001-9C3E-A93BE689EFBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {68260F2B-3441-4EE7-A783-16A90EF186EF} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {862A11AB-10E6-4233-AA1D-6D9BBDC48C98} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Cansel => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-01-20] (Sony Corporation)
Task: {868F0926-F9C6-4D5C-910A-49063FD22B4B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9CA8A6A4-FFE5-4F43-9471-17683D4A018B} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\RocketTab\uninstall.exe <==== ATTENTION
Task: {9E3EE384-AF21-4ED6-8B9D-CA0F8D640C8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {B2D6153E-8BCA-4B36-B02C-256CA4A1DD10} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B38CA13F-131E-4184-85BD-6A8518898527} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {BC430D45-369A-437F-B87D-2D49BD46004D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {C847CD26-F8F2-4A40-89F7-832FE220EA46} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CB536F13-E419-4011-9BE8-24BEBE1901DA} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D1564667-0C05-47BD-9885-DA15D5B5B976} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {DD84CDD3-622C-4D2A-8BA9-13A29753F948} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {E1ACB83B-81BF-4492-BEC8-C5F361EFEED5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {E305B1EB-B1B9-40AE-819F-271E30E1A149} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {EDB08A1A-F10E-4348-A57A-F8A96E55AEFB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {EE9BC219-6539-4B51-B8D2-B3CDA6E8521D} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F0EE1D6D-568F-4A45-8261-A4F81E5BC77A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {F0F003FF-2A4E-427F-9AA6-BCCA088E15D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {F4E5A8E0-4363-4E27-B2C1-895D20B58321} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {FD4B3E77-A2A0-4DC8-808A-378858BA8D88} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {FF6379F2-7C1B-45DE-899A-A5527B710622} - System32\Tasks\Plus-HD-2.2-enabler => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-enabler.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-updater.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

==================== Loaded Modules (whitelisted) =============

2013-07-26 10:42 - 2013-07-26 10:42 - 00034304 _____ () C:\Windows\System32\ssa3mlm.dll
2014-03-30 05:35 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-04-23 06:01 - 2014-06-09 09:57 - 00065704 _____ () C:\Program Files (x86)\iSafe\zlib1.dll
2014-04-23 06:01 - 2014-06-09 09:55 - 00092328 _____ () C:\Program Files (x86)\iSafe\curlpp.dll
2014-01-04 04:45 - 2014-04-21 10:22 - 00176976 _____ () C:\Program Files (x86)\iSafe\tws\unrar.dll
2014-01-04 04:45 - 2014-04-21 10:22 - 00068432 _____ () C:\Program Files (x86)\iSafe\tws\zlib1.dll
2014-01-04 04:45 - 2014-04-21 10:22 - 00087744 _____ () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2010-11-25 12:52 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-25 12:52 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-10-10 02:00 - 2013-10-10 02:00 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-25 15:03 - 2014-09-25 15:03 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-09-25 15:04 - 2014-09-25 15:05 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-01-04 04:45 - 2014-06-09 09:57 - 00182272 _____ () C:\Program Files (x86)\iSafe\libpng.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Cansel\Documents\Fw_ Rechnung für Artikel GEBERIT DUOFIX Vorwandelement Wand WC Set WC Sitz mit Softclose WC mit Lotus( Artikelnummer_ 360487075262 )___.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Cansel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PricePeepUpdater.lnk => C:\Windows\pss\PricePeepUpdater.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: fssui => "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Cansel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2717583150-1332987667-1640195566-500 - Administrator - Disabled)
Cansel (S-1-5-21-2717583150-1332987667-1640195566-1000 - Administrator - Enabled) => C:\Users\Cansel
Gast (S-1-5-21-2717583150-1332987667-1640195566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2717583150-1332987667-1640195566-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardmäßige Modem-über-Bluetooth-Verbindung
Description: Standardmäßige Modem-über-Bluetooth-Verbindung
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standardmobiltelefone
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2014 11:24:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 11:24:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 11:16:23 PM) (Source: MsiInstaller) (EventID: 11500) (User: Cansel-VAIO)
Description: Produkt: SpyHunter -- Fehler 1500. Eine andere Installation wird durchgeführt. Schließen Sie erst die andere Installation ab, bevor Sie mit dieser Installation fortfahren.

Error: (10/01/2014 11:16:21 PM) (Source: MsiInstaller) (EventID: 11500) (User: Cansel-VAIO)
Description: Produkt: SpyHunter -- Fehler 1500. Eine andere Installation wird durchgeführt. Schließen Sie erst die andere Installation ab, bevor Sie mit dieser Installation fortfahren.

Error: (10/01/2014 09:43:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 09:43:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/01/2014 09:43:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (10/01/2014 03:42:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (10/01/2014 03:32:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)

Error: (09/30/2014 10:46:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (09/30/2014 10:36:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)

Error: (09/29/2014 10:31:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (09/29/2014 10:21:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)

Error: (09/28/2014 03:45:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (09/28/2014 03:35:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)

Error: (09/27/2014 03:21:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (09/27/2014 03:10:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)


Microsoft Office Sessions:
=========================
Error: (10/01/2014 11:24:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 11:24:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 11:24:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 11:16:23 PM) (Source: MsiInstaller) (EventID: 11500) (User: Cansel-VAIO)
Description: Produkt: SpyHunter -- Fehler 1500. Eine andere Installation wird durchgeführt. Schließen Sie erst die andere Installation ab, bevor Sie mit dieser Installation fortfahren.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/01/2014 11:16:21 PM) (Source: MsiInstaller) (EventID: 11500) (User: Cansel-VAIO)
Description: Produkt: SpyHunter -- Fehler 1500. Eine andere Installation wird durchgeführt. Schließen Sie erst die andere Installation ab, bevor Sie mit dieser Installation fortfahren.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/01/2014 09:43:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 09:43:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe

Error: (10/01/2014 09:43:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-10-19 16:35:01.625
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.513
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.364
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.263
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.126
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.726
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.473
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:34:59.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:34:59.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 57%
Total physical RAM: 3950.1 MB
Available physical RAM: 1696.51 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 4200.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.18 GB) (Free:376.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 997147F0)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Geändert von sedafrost (02.10.2014 um 00:29 Uhr)

Alt 02.10.2014, 08:21   #4
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Guten Morgen,
heute, beim Neustart bot sich mir dieses Bild:



Code:
ATTFilter
Name:  scrennshot 2.10.jpg
Hits: 194
Größe:  113,6 KB
         

Hat es was mit den Trojanern zu tun?

Alt 02.10.2014, 23:09   #5
Bootsektor
/// TB-Ausbilder
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo,
Zitat:
Guten Morgen,
heute, beim Neustart bot sich mir dieses Bild:
Dafür ist das Bild zu klein um darüber ein Urteil abzugeben.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

RocketTab
YAC


Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.


Alt 03.10.2014, 01:50   #6
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo Sandra,
dachte das sich der Screenshot aufklappen lässt.
Ok na dann mal gehts los:

Code:
ATTFilter
# AdwCleaner v3.311 - Bericht erstellt am 03/10/2014 um 01:39:46
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Cansel - CANSEL-VAIO
# Gestartet von : C:\Users\Cansel\Desktop\AdwCleaner_3.311.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\prefs.js ]


-\\ Google Chrome v37.0.2062.124

[ Datei : C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [22669 octets] - [03/10/2014 01:29:37]
AdwCleaner[R1].txt - [877 octets] - [03/10/2014 01:39:46]
AdwCleaner[S0].txt - [21670 octets] - [03/10/2014 01:31:59]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [997 octets] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.10.2014
Suchlauf-Zeit: 01:56:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.02.10
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Cansel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 319181
Verstrichene Zeit: 20 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 4
PUP.Optional.1ClickMovieDownloader.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hpomcmndppalndoljdilmfkkjkcnongl, In Quarantäne, [3fb3947be8943501b142fc6792727f81], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311301136}, In Quarantäne, [be34d837dca05adc1e58a176e71e7090], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2717583150-1332987667-1640195566-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311301136}, In Quarantäne, [be34d837dca05adc1e58a176e71e7090], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110311301136}, In Quarantäne, [be34d837dca05adc1e58a176e71e7090], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 13
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\defaults, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\defaults\preferences, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\userCode, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\locale, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\locale\en-US, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 

Dateien: 121
Trojan.FakeVLC, C:\Program Files (x86)\Vlcclassic\Uninstall.exe, In Quarantäne, [c13197788bf166d027be021d0ff628d8], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job, In Quarantäne, [fff3729d1b6159dd412d51c957ac21df], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job, In Quarantäne, [34beff10ceaed462dd91061454afe11f], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-2.2-enabler.job, In Quarantäne, [0ee432ddceae9e98e78752c8768dd729], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job, In Quarantäne, [d71b54bbc3b91a1c72fc3ae06b9824dc], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-2.2-updater.job, In Quarantäne, [b53d17f81d5fc96d1c52d34705fec63a], 
PUP.Optional.PlusHD.A, C:\Windows\System32\Tasks\Plus-HD-2.2-chromeinstaller, In Quarantäne, [3bb72de243392511b1bead6d28db0af6], 
PUP.Optional.PlusHD.A, C:\Windows\System32\Tasks\Plus-HD-2.2-codedownloader, In Quarantäne, [2cc622edc7b58caac6a937e322e1bd43], 
PUP.Optional.PlusHD.A, C:\Windows\System32\Tasks\Plus-HD-2.2-enabler, In Quarantäne, [648e34db81fb1d1976f9968490736b95], 
PUP.Optional.PlusHD.A, C:\Windows\System32\Tasks\Plus-HD-2.2-firefoxinstaller, In Quarantäne, [7280da35bbc11f172e412ceedf24c13f], 
PUP.Optional.PlusHD.A, C:\Windows\System32\Tasks\Plus-HD-2.2-updater, In Quarantäne, [7d7564ab6a12ac8ab4bb53c72dd60ff1], 
PUP.Optional.ClickMVD.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\clickMvd@clickMvd.com.xpi, In Quarantäne, [b63c6ca3c3b90f27f32882b512f1c53b], 
PUP.Optional.PricePeep.A, C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage, In Quarantäne, [e60c2be4ed8f989e768fd0a66b99aa56], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome.manifest, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\install.rdf, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\10fa86f5d79c897edfb6736b331b3f5a.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\9ecfe9b71d7731409fa7849ec2895250.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\b58ec7feee6c2ae5841c1f71d0e10a1a.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\background.html, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\browser.xul, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\c351bad94fc1147a1c80deae7cba8f02.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\dialog.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\e077e9d6281d3688a08db232eb2dee8b.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\edd76a7f806347207891eea268b4bc88.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\options.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\options.xul, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\search_dialog.xul, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\8e1596e638330103c30f3dfc59d9335d.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\1d812af198e441fe120889fd38f1085d.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\264e0fb5727339bb23b4b7d49e2bc66b.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\3ab6a4984346f919d2da216d6ffa1f92.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\6dd2a978fcf1bd9f0867c04cba770a32.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\8165f21fbd51c22f9921c7452cd00283.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\81a9a502748cd6f1a79743b1a0e2a388.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\8505f9025a25533221d4723dfd92b11b.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\870e05405203fe05dfdac5d887028213.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\a791fbe4442e023f16bd623b04d4e4c1.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\a80071a7cc41b84d43c884c039ea8a1b.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\b11cbaa205ef44dad5146b27db2b98ea.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\e6f5f185a1d23d3df65c52cb1d0bc1a7.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\eaa53e7d4a86786981e616e5cac6aae7.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\eb4c7da5672676d8538f7a409ee174b6.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\api\ff1fb34778bbea78c4c41031512b998e.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\cc37677619a0c90f20f6a00e538a33c3.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\28350502e74d3b4d55c017a552ad7262.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\2c5ed19b168c3915aa67d61a703ac77d.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\48a2de78928e054df46b443e2b567684.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\4d3a02a4c814a4dfa85abd2c3c25b7b1.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\51e6e6b9b1c017412df906c744457661.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\6b6cb06b4304a0e6e74abfe33ecfbeb4.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\74f1e8f5db3762381efec2e2b5693c80.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\7c08f0cc5e5cc8b89a06cf30d1d6588e.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\943dd95daf432d7e3b382cb4cd4bcdc2.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\97cbe2e5447d8d11ab7052270d198ba5.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\9fa9d40ea1c4685ae4524173fe72a609.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\a39ae113444befe73b9aa8f97c97a779.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\b880ef897b920fba677e3b988c2c7d48.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\d45aa060e67ba64e93427ebfd72e4f58.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\d7cf98492640c228b97132aaa4242204.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\da4f65194e57c98824682515367908ab.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\e7e8637da3423a49c29d7a224bdc9f91.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\ebb1e2d049d3f97cc85bb0adf52ce575.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\ffcb779f4fa31929aa48b60937268868.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\chrome\content\core\installer.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\defaults\preferences\prefs.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\manifest.xml, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins.json, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\102.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\104.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\119.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\123.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\13.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\14.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\155.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\16.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\17.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\178.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\179.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\180.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\184.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\191.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\195.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\198.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\217.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\220.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\221.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\223.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\231.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\232.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\246.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\259.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\262.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\263.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\268.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\273.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\281.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\289.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\4.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\47.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\64.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\7.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\78.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\9.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\userCode\background.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\extensionData\userCode\extension.js, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\locale\en-US\translations.dtd, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\button1.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\button2.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\button3.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\button4.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\button5.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\crossrider_statusbar.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\icon128.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\icon16.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\icon24.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\icon48.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\panelarrow-up.png, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\popup.html, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\skin.css, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 
PUP.Optional.CrossRider.A, C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com\skin\update.css, In Quarantäne, [04eef21d87f5033396f73fc4a1628c74], 

Physische Sektoren: 0
(No malicious items detected)

(end)
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by Cansel (administrator) on CANSEL-VAIO on 03-10-2014 02:33:47
Running from C:\Users\Cansel\Downloads
Loaded Profile: Cansel (Available profiles: Cansel)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Nori\Nori.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [Mobile Connection Manager] => C:\Program Files (x86)\o2\Mobile Connection Manager\emmsn.exe [3761592 2010-03-25] (Telefónica I+D)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190df-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190ea-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49198;https=127.0.0.1:49198
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default
FF Homepage: hxxp://www.google.com
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Cansel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-08-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-17]
FF Extension: No Name - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com [Not Found]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR Profile: C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-10]
CHR Extension: (No Name) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-10]
CHR Extension: (Google Search) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-10]
CHR Extension: (Google Wallet) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (Gmail) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-08-07] (Samsung Electronics Co., Ltd.) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [194048 2010-03-08] (Telefónica I+D) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2013-02-12] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2013-02-12] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-28] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 02:33 - 2014-10-03 02:33 - 00000000 ____D () C:\Users\Cansel\Downloads\FRST-OlderVersion
2014-10-03 02:31 - 2014-10-03 02:31 - 00031854 _____ () C:\Users\Cansel\Desktop\mbam.txt
2014-10-03 01:55 - 2014-10-03 02:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 01:55 - 2014-10-03 02:28 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-03 01:55 - 2014-10-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-03 01:55 - 2014-10-03 02:28 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-03 01:55 - 2014-10-03 01:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 01:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 01:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 01:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 01:53 - 2014-10-03 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cansel\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-03 01:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-03 01:29 - 2014-10-03 01:48 - 00000000 ___DC () C:\AdwCleaner
2014-10-03 01:28 - 2014-10-03 01:28 - 01375089 _____ () C:\Users\Cansel\Desktop\AdwCleaner_3.311.exe
2014-10-02 08:39 - 2014-10-02 08:39 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 08:28 - 2014-10-03 02:22 - 00000280 _____ () C:\Windows\setupact.log
2014-10-02 08:28 - 2014-10-02 08:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-02 08:27 - 2014-10-03 02:22 - 00059564 _____ () C:\Windows\PFRO.log
2014-10-02 08:27 - 2014-10-02 08:29 - 00471768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 01:17 - 2014-10-03 02:34 - 00022701 _____ () C:\Users\Cansel\Downloads\FRST.txt
2014-10-02 01:07 - 2014-10-02 01:09 - 00033376 _____ () C:\Users\Cansel\Desktop\FRST.txt
2014-10-02 01:06 - 2014-10-03 02:33 - 00000000 ___DC () C:\FRST
2014-10-02 01:04 - 2014-10-03 02:33 - 02109440 ____C (Farbar) C:\Users\Cansel\Downloads\FRST64.exe
2014-10-01 23:15 - 2014-10-01 23:15 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-01 23:14 - 2014-10-01 23:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
2014-10-01 21:52 - 2014-10-01 21:52 - 00122064 _____ () C:\Users\Cansel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 21:37 - 2014-10-02 01:09 - 00061611 _____ () C:\Users\Cansel\Desktop\Addition.txt
2014-09-25 20:47 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-25 20:47 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-23 15:49 - 2014-09-23 15:49 - 00000000 ___DC () C:\ab3649312632ab9b2e1875c0
2014-09-16 17:26 - 2014-09-16 17:26 - 00000000 ___DC () C:\eb6be553422695051bf75c63
2014-09-10 19:51 - 2014-09-23 15:47 - 00000000 ____D () C:\Users\Cansel\Documents\Scan
2014-09-10 10:10 - 2014-09-05 04:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:10 - 2014-09-05 03:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 10:17 - 2014-09-03 10:17 - 00002204 _____ () C:\Users\Cansel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 02:30 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 02:30 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 02:28 - 2010-11-25 13:23 - 00000000 ____D () C:\Temp
2014-10-03 02:26 - 2011-09-22 09:39 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job
2014-10-03 02:22 - 2013-09-10 22:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 02:22 - 2011-02-07 22:10 - 01444028 _____ () C:\Windows\WindowsUpdate.log
2014-10-03 02:22 - 2010-11-25 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-03 02:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 02:21 - 2012-02-28 01:04 - 00000000 ____D () C:\Program Files (x86)\Vlcclassic
2014-10-03 02:16 - 2013-09-10 22:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 02:15 - 2012-07-28 14:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-03 01:39 - 2011-02-07 22:16 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{15D7B2EE-0195-4275-86F7-1C2AD8E6FB3C}
2014-10-03 01:32 - 2014-01-04 04:45 - 00000000 ____D () C:\Windows\system32\log
2014-10-02 15:13 - 2011-09-22 09:39 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job
2014-10-02 08:39 - 2011-02-10 23:29 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-02 08:39 - 2010-10-12 19:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-02 08:38 - 2010-11-25 12:52 - 00000000 ____D () C:\Program Files\Sony
2014-10-02 08:38 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-02 08:36 - 2011-04-01 00:31 - 00000000 ____D () C:\Update
2014-10-02 02:00 - 2014-09-02 18:53 - 00000000 ____D () C:\Users\Cansel\Documents\Outlook-Dateien
2014-10-02 00:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-01 19:17 - 2014-01-04 02:24 - 00000000 ___RD () C:\Users\Cansel\Desktop\Systemwartung&Sicherheit
2014-10-01 17:19 - 2013-09-28 01:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-09-28 22:41 - 2014-01-04 00:36 - 00000396 _____ () C:\Windows\Tasks\SpyHunter4.job
2014-09-25 20:50 - 2013-01-09 03:38 - 00000000 ____D () C:\Users\Cansel\Documents\SelfMV
2014-09-25 20:48 - 2014-09-02 19:51 - 00000000 ___DC () C:\Program Files\SAMSUNG
2014-09-25 15:15 - 2012-07-28 14:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 15:15 - 2012-07-28 14:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 15:15 - 2012-07-28 14:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 15:07 - 2013-11-04 21:21 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-23 17:31 - 2011-02-07 22:11 - 00000000 ____D () C:\Users\Cansel
2014-09-19 12:53 - 2011-10-06 15:39 - 00000000 ____D () C:\Users\Cansel\AppData\Roaming\SoftGrid Client
2014-09-16 22:00 - 2010-11-25 21:39 - 00703338 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 22:00 - 2010-11-25 21:39 - 00152228 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 22:00 - 2009-07-14 07:13 - 00006734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 21:06 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 17:04 - 2011-07-27 16:44 - 01595628 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 09:06 - 2011-07-29 00:38 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 20:40 - 2014-08-14 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 20:29 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:21 - 2011-02-15 01:37 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-03 10:19 - 2011-02-07 22:13 - 00000000 ____D () C:\Users\Cansel\Documents\Bluetooth-Exchange-Ordner

Some content of TEMP:
====================
C:\Users\Cansel\AppData\Local\Temp\avgnt.exe
C:\Users\Cansel\AppData\Local\Temp\Quarantine.exe
C:\Users\Cansel\AppData\Local\Temp\SHSetup.exe
C:\Users\Cansel\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 20:06

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Cansel at 2014-10-03 02:35:27
Running from C:\Users\Cansel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0.1 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help English (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help French (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help German (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0920.2143.37117 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.804 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version:  - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.29.40 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayMemories Home Plug-in (Version: 2.0.00.14170 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data (x32 Version: 1.0.00.16130 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program (x32 Version: 2.2.00.18250 - Sony Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.06 (07.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.63.01(09.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.32 (17.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.02 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version: 1.20 (09.10.2012) - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO - PlayMemories Home Plug-in (HKLM-x32\...\InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}) (Version: 2.2.00.18250 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WEB.DE MailCheck für Google Chrome (HKLM-x32\...\1&1 Mail & Media WEB.DE MailCheck GC) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

23-09-2014 01:00:11 Windows Update
23-09-2014 13:49:04 Windows Update
24-09-2014 00:38:38 Windows Update
26-09-2014 16:23:19 Windows Update
27-09-2014 01:00:11 Windows Update
28-09-2014 13:23:31 Windows Update
29-09-2014 20:09:17 Windows Update
30-09-2014 08:25:08 Windows Update
01-10-2014 13:20:46 Windows Update
02-10-2014 00:01:12 Windows Update
02-10-2014 06:37:02 Entfernt VAIO Update
02-10-2014 06:38:37 Installiert VAIO Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D3E67A-B396-43B0-9728-8BDFECFECEB4} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0F8DA4E8-785B-4809-B31C-9B17496526C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {100CB707-86B1-45CF-A6C3-7CEAB9E22ACB} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {1521D2C6-C63E-4328-B298-19061A2D677F} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {17372719-463A-45CF-B526-4F01A6EA3730} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1BA1B0E5-AB64-4C9E-BF73-B9F00FDC9110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {267FA4A5-F1A7-400F-B041-0F1C46F2CA76} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {29FAF33E-A2B7-47FC-845C-FB8286E00064} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {321D9990-3C1F-4A29-9989-8BF44DF9046F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {33E18BE4-41AD-4884-BAB2-50C2E41D346F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {3BF8FF31-BD3F-4DA8-9DA9-943B5D130D58} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {42F5F7A7-00E8-45A6-A188-5BB1F6EFBD02} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {43896CBE-3C15-4E88-877A-57FB0F40CAD6} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {4CC17B2C-C4E0-4424-86A9-87E7A79B0D76} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {526087BF-22C0-4FCF-8DE0-96E74F381910} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {58EC0125-BBCC-4FE9-AA0D-8B238BEDF0AC} - System32\Tasks\{6493F0D8-4001-4D43-9FE0-73FE9E790208} => E:\pcconfig.exe
Task: {5A98846C-8E5F-4961-96A4-3A8E5F72E46A} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {62CEEE0E-0E12-4342-854C-B83514436072} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {68022D17-C867-4001-9C3E-A93BE689EFBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {68260F2B-3441-4EE7-A783-16A90EF186EF} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {862A11AB-10E6-4233-AA1D-6D9BBDC48C98} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Cansel => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-01-20] (Sony Corporation)
Task: {868F0926-F9C6-4D5C-910A-49063FD22B4B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9E3EE384-AF21-4ED6-8B9D-CA0F8D640C8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {9EBAFF44-83DB-43BA-BB0D-2B7708924CCC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {B2D6153E-8BCA-4B36-B02C-256CA4A1DD10} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B38CA13F-131E-4184-85BD-6A8518898527} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {BC430D45-369A-437F-B87D-2D49BD46004D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {C847CD26-F8F2-4A40-89F7-832FE220EA46} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CB536F13-E419-4011-9BE8-24BEBE1901DA} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {DD84CDD3-622C-4D2A-8BA9-13A29753F948} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {E1ACB83B-81BF-4492-BEC8-C5F361EFEED5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {E305B1EB-B1B9-40AE-819F-271E30E1A149} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {EDB08A1A-F10E-4348-A57A-F8A96E55AEFB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {EE9BC219-6539-4B51-B8D2-B3CDA6E8521D} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F0EE1D6D-568F-4A45-8261-A4F81E5BC77A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {F0F003FF-2A4E-427F-9AA6-BCCA088E15D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FD4B3E77-A2A0-4DC8-808A-378858BA8D88} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

==================== Loaded Modules (whitelisted) =============

2013-07-26 10:42 - 2013-07-26 10:42 - 00034304 _____ () C:\Windows\System32\ssa3mlm.dll
2014-03-30 05:35 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2010-11-25 12:52 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-25 12:52 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2010-03-25 19:30 - 2010-03-25 19:30 - 00124856 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\AgendaLib.dll
2010-03-03 16:42 - 2010-03-03 16:42 - 00506480 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\sqlite3.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-03-22 17:21 - 2010-03-22 17:21 - 00018872 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\langs\de_DE_md.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00191928 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgati.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00240056 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plghwi.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00292280 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgnvt.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00193976 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgopt.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00191928 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgser.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00340920 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgsie.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00192952 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgzte.dll
2013-10-10 02:00 - 2013-10-10 02:00 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Cansel\Documents\Fw_ Rechnung für Artikel GEBERIT DUOFIX Vorwandelement Wand WC Set WC Sitz mit Softclose WC mit Lotus( Artikelnummer_ 360487075262 )___.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Cansel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PricePeepUpdater.lnk => C:\Windows\pss\PricePeepUpdater.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: fssui => "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Cansel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2717583150-1332987667-1640195566-500 - Administrator - Disabled)
Cansel (S-1-5-21-2717583150-1332987667-1640195566-1000 - Administrator - Enabled) => C:\Users\Cansel
Gast (S-1-5-21-2717583150-1332987667-1640195566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2717583150-1332987667-1640195566-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardmäßige Modem-über-Bluetooth-Verbindung
Description: Standardmäßige Modem-über-Bluetooth-Verbindung
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standardmobiltelefone
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2014 02:33:15 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (10/03/2014 02:26:00 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:25:56 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (10/03/2014 02:16:38 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:15:22 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:13:07 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:10:49 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:08:31 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:06:11 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.

Error: (10/03/2014 02:03:52 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.


System errors:
=============
Error: (10/03/2014 02:26:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/03/2014 02:21:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/03/2014 02:16:22 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1039BE32-0287-4697-99F1-4141E4C84D51}

Error: (10/03/2014 01:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/03/2014 01:40:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/02/2014 09:41:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1039BE32-0287-4697-99F1-4141E4C84D51}

Error: (10/02/2014 08:33:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/02/2014 02:01:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)

Error: (10/02/2014 02:01:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2600217)

Error: (10/01/2014 03:42:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656351)


Microsoft Office Sessions:
=========================
Error: (10/03/2014 02:33:15 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Cansel\Downloads\iLividSetup-r400-n-bc (3).exeC:\Users\Cansel\Downloads\iLividSetup-r400-n-bc (3).exe0

Error: (10/03/2014 02:26:00 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:25:56 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Cansel\Downloads\iLividSetup-r400-n-bc (3).exeC:\Users\Cansel\Downloads\iLividSetup-r400-n-bc (3).exe0

Error: (10/03/2014 02:16:38 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:15:22 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:13:07 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:10:49 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:08:31 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:06:11 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 02:03:52 AM) (Source: MsiInstaller) (EventID: 11706) (User: NT-AUTORITÄT)
Description: Product: VAIO Media plus -- Error 1706. An installation package for the product VAIO Media plus cannot be found. Try the installation again using a valid copy of the installation package 'VMp MergeModule x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-10-19 16:35:01.625
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.513
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.364
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.263
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:01.126
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.726
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:35:00.473
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:34:59.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-19 16:34:59.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 50%
Total physical RAM: 3950.1 MB
Available physical RAM: 1966.74 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5213.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.18 GB) (Free:375.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 997147F0)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Hoffe das es geklappt hat...

Danke und gute Nacht!

Alt 03.10.2014, 20:48   #7
Bootsektor
/// TB-Ausbilder
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo,

Zitat:
dachte das sich der Screenshot aufklappen lässt.
Ja du hast recht, entweder habe ich das vorher nicht gesehen oder eine andere Darstellung gehabt, die Fehlermeldung müsste jetzt aber verschwunden sein, oder?

Hast du denn noch Probleme mit dem Rechner?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
FF Extension: No Name - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com [Not Found]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer.exe
Task: {29FAF33E-A2B7-47FC-845C-FB8286E00064} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 3
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 04.10.2014, 01:52   #8
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo Sandra,
ne Probleme habe ich nicht, aber ich wollte auch nicht das welche kommen, da ich Angst hatte dass die Trojaner oder Viren noch probleme verursachen...

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2014
Ran by Cansel at 2014-10-03 22:54:22 Run:1
Running from C:\Users\Cansel\Desktop
Loaded Profile: Cansel (Available profiles: Cansel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: No Name - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com [Not Found]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe
(Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer.exe
Task: {29FAF33E-A2B7-47FC-845C-FB8286E00064} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
*****************

C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com not found.
esgiguard => Service deleted successfully.
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully.
C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe => No running process found
C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe => No running process found
C:\Users\Cansel\Downloads\SpyHunter-Installer.exe => No running process found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29FAF33E-A2B7-47FC-845C-FB8286E00064}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29FAF33E-A2B7-47FC-845C-FB8286E00064}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4" => Key deleted successfully.
C:\Windows\Tasks\SpyHunter4.job => Moved successfully.

==== End of Fixlog ====
         
Das andere folgt dann in der nächsten mail...

und weiter gehts...

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ed63d89496c0549937323d990f0f0fc
# engine=20427
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-03 11:57:55
# local_time=2014-10-04 01:57:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 11215 25028699 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 11193 164010524 0 0
# scanned=208317
# found=13
# cleaned=0
# scan_time=9151
sh=A345A289EAD124E6C11ED4F211C32C90777D95D5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Backup\C\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\prefs_03_10_2014_01_42_01.js"
sh=A345A289EAD124E6C11ED4F211C32C90777D95D5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Backup\C\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\prefs_03_10_2014_01_48_03.js"
sh=A345A289EAD124E6C11ED4F211C32C90777D95D5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\prefs.js"
sh=866FD6FB3D57BFD248593092F2F76CAE51238C62 ft=0 fh=0000000000000000 vn="INF/Autorun.gen Wurm" ac=I fn="E:\AutoRun.inf"
sh=2D032A8A1A9693E5020646ADE31E2F7B5EFEDF2A ft=0 fh=0000000000000000 vn="Win32/Adware.ToolPlugin Anwendung" ac=I fn="E:\CANSEL-VAIO\Backup Set 2011-10-16 195224\Backup Files 2011-12-02 231209\Backup files 1.zip"
sh=062D861F5A87B4CA4C00DD1B190B4387152CB88D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\CANSEL-VAIO\Backup Set 2011-10-16 195224\Backup Files 2011-12-02 231209\Backup files 2.zip"
sh=BE4F30D210434EB43E049F339B3305A3A071C2C6 ft=0 fh=0000000000000000 vn="Win32/Adware.ToolPlugin Anwendung" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-03-06 031512\Backup Files 2012-03-06 031512\Backup files 1.zip"
sh=FEBE86898294EA29076CC74DFFCBEF178B7C98D2 ft=0 fh=0000000000000000 vn="Win32/Adware.Bundlore Anwendung" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-03-06 031512\Backup Files 2012-03-06 031512\Backup files 2.zip"
sh=3DF56591E91BFBA3BB2FF6D6AB85146FAB4890AF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-03-06 031512\Backup Files 2012-03-06 031512\Backup files 3.zip"
sh=E74011DE9686A5A4FD238CB3505A1E075A59AF7D ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-03-06 031512\Backup Files 2012-05-13 221534\Backup files 3.zip"
sh=94C619AAEF87D90DFFA51BB5D7D2E3A620572026 ft=0 fh=0000000000000000 vn="Win32/Adware.ToolPlugin Anwendung" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-05-13 230003\Backup Files 2012-05-13 230003\Backup files 1.zip"
sh=0D7816E805A383440EADBE4FE41126FFB339275C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-05-13 230003\Backup Files 2012-05-13 230003\Backup files 4.zip"
sh=C561A2300B43EF439BBD6197C78E3D536E3AAA55 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\CANSEL-VAIO\Backup Set 2012-05-13 230003\Backup Files 2013-01-20 224316\Backup files 9.zip"
         
[CODEAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Cansel at 2014-10-04 02:50:08
Running from C:\Users\Cansel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0.1 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help English (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help French (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help German (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0920.2143.37117 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.804 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.29.40 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayMemories Home Plug-in (Version: 2.0.00.14170 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data (x32 Version: 1.0.00.16130 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program (x32 Version: 2.2.00.18250 - Sony Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.06 (07.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.63.01(09.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.32 (17.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.02 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version: 1.20 (09.10.2012) - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.10 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.10.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO - PlayMemories Home Plug-in (HKLM-x32\...\InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}) (Version: 2.2.00.18250 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 3.1.00.16130 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WEB.DE MailCheck für Google Chrome (HKLM-x32\...\1&1 Mail & Media WEB.DE MailCheck GC) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2717583150-1332987667-1640195566-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Cansel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

24-09-2014 00:38:38 Windows Update
26-09-2014 16:23:19 Windows Update
27-09-2014 01:00:11 Windows Update
28-09-2014 13:23:31 Windows Update
29-09-2014 20:09:17 Windows Update
30-09-2014 08:25:08 Windows Update
01-10-2014 13:20:46 Windows Update
02-10-2014 00:01:12 Windows Update
02-10-2014 06:37:02 Entfernt VAIO Update
02-10-2014 06:38:37 Installiert VAIO Update
03-10-2014 00:55:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D3E67A-B396-43B0-9728-8BDFECFECEB4} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0F8DA4E8-785B-4809-B31C-9B17496526C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {100CB707-86B1-45CF-A6C3-7CEAB9E22ACB} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {1521D2C6-C63E-4328-B298-19061A2D677F} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {17372719-463A-45CF-B526-4F01A6EA3730} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1BA1B0E5-AB64-4C9E-BF73-B9F00FDC9110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {267FA4A5-F1A7-400F-B041-0F1C46F2CA76} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {33E18BE4-41AD-4884-BAB2-50C2E41D346F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {3BF8FF31-BD3F-4DA8-9DA9-943B5D130D58} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {42F5F7A7-00E8-45A6-A188-5BB1F6EFBD02} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {43896CBE-3C15-4E88-877A-57FB0F40CAD6} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {4CC17B2C-C4E0-4424-86A9-87E7A79B0D76} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {5181C9E8-AF37-4940-86F2-3BE6B16225C4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {526087BF-22C0-4FCF-8DE0-96E74F381910} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {58EC0125-BBCC-4FE9-AA0D-8B238BEDF0AC} - System32\Tasks\{6493F0D8-4001-4D43-9FE0-73FE9E790208} => E:\pcconfig.exe
Task: {5A98846C-8E5F-4961-96A4-3A8E5F72E46A} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {62CEEE0E-0E12-4342-854C-B83514436072} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {68022D17-C867-4001-9C3E-A93BE689EFBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {68260F2B-3441-4EE7-A783-16A90EF186EF} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {862A11AB-10E6-4233-AA1D-6D9BBDC48C98} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Cansel => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-01-20] (Sony Corporation)
Task: {868F0926-F9C6-4D5C-910A-49063FD22B4B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9E3EE384-AF21-4ED6-8B9D-CA0F8D640C8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {9EBAFF44-83DB-43BA-BB0D-2B7708924CCC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {B2D6153E-8BCA-4B36-B02C-256CA4A1DD10} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B38CA13F-131E-4184-85BD-6A8518898527} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {BC430D45-369A-437F-B87D-2D49BD46004D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {C847CD26-F8F2-4A40-89F7-832FE220EA46} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CB536F13-E419-4011-9BE8-24BEBE1901DA} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {DD84CDD3-622C-4D2A-8BA9-13A29753F948} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {E1ACB83B-81BF-4492-BEC8-C5F361EFEED5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {E305B1EB-B1B9-40AE-819F-271E30E1A149} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {EDB08A1A-F10E-4348-A57A-F8A96E55AEFB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {EE9BC219-6539-4B51-B8D2-B3CDA6E8521D} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F0EE1D6D-568F-4A45-8261-A4F81E5BC77A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {F0F003FF-2A4E-427F-9AA6-BCCA088E15D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FD4B3E77-A2A0-4DC8-808A-378858BA8D88} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job => C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-26 10:42 - 2013-07-26 10:42 - 00034304 _____ () C:\Windows\System32\ssa3mlm.dll
2014-03-30 05:35 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2010-11-25 12:52 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-25 12:52 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2010-03-25 19:30 - 2010-03-25 19:30 - 00124856 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\AgendaLib.dll
2010-03-03 16:42 - 2010-03-03 16:42 - 00506480 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\sqlite3.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-03-22 17:21 - 2010-03-22 17:21 - 00018872 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\langs\de_DE_md.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00191928 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgati.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00240056 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plghwi.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00292280 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgnvt.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00193976 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgopt.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00191928 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgser.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00340920 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgsie.dll
2010-03-17 20:05 - 2010-03-17 20:05 - 00192952 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgzte.dll
2013-10-10 02:00 - 2013-10-10 02:00 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 15:21 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 15:21 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Cansel\Documents\Fw_ Rechnung für Artikel GEBERIT DUOFIX Vorwandelement Wand WC Set WC Sitz mit Softclose WC mit Lotus( Artikelnummer_ 360487075262 )___.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Cansel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PricePeepUpdater.lnk => C:\Windows\pss\PricePeepUpdater.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Cansel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: fssui => "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Cansel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2717583150-1332987667-1640195566-500 - Administrator - Disabled)
Cansel (S-1-5-21-2717583150-1332987667-1640195566-1000 - Administrator - Enabled) => C:\Users\Cansel
Gast (S-1-5-21-2717583150-1332987667-1640195566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2717583150-1332987667-1640195566-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardmäßige Modem-über-Bluetooth-Verbindung
Description: Standardmäßige Modem-über-Bluetooth-Verbindung
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standardmobiltelefone
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2014 02:43:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/04/2014 02:31:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "37.0.2062.120,language="&#x2a;",type="win32",version="37.0.2062.120"1".
Die abhängige Assemblierung "37.0.2062.120,language="&#x2a;",type="win32",version="37.0.2062.120"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/04/2014 02:31:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (10/04/2014 02:31:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (10/04/2014 01:19:19 AM) (Source: MsiInstaller) (EventID: 11706) (User: Cansel-VAIO)
Description: Product: Media Gallery -- Error 1706. An installation package for the product Media Gallery cannot be found. Try the installation again using a valid copy of the installation package 'Media Gallery MergeModules x64.msi'.

Error: (10/04/2014 01:10:40 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (10/03/2014 11:19:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (10/04/2014 02:48:53 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:53 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:53 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:53 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:51 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{8a9c72c6-32f5-11e0-9e2c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{436221F2-728B-4986-88D4-9AB6B702B24A}

Error: (10/04/2014 02:48:40 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:40 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/04/2014 02:48:40 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.

Error: (10/03/2014 11:02:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1039BE32-0287-4697-99F1-4141E4C84D51}

Error: (10/03/2014 10:49:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (10/04/2014 02:43:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (10/04/2014 02:31:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: 37.0.2062.120,language="&#x2a;",type="win32",version="37.0.2062.120"c:\program files (x86)\Google\Chrome\application\old_chrome.exe

Error: (10/04/2014 02:31:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/04/2014 02:31:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/04/2014 01:19:19 AM) (Source: MsiInstaller) (EventID: 11706) (User: Cansel-VAIO)
Description: Product: Media Gallery -- Error 1706. An installation package for the product Media Gallery cannot be found. Try the installation again using a valid copy of the installation package 'Media Gallery MergeModules x64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/04/2014 01:10:40 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (10/03/2014 11:20:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (10/03/2014 11:19:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
Date: 2013-10-19 16:35:01.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:01.513
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:01.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:01.263
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:01.126
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:00.913
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:00.726
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:35:00.473
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:34:59.687
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-10-19 16:34:59.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 59%
Total physical RAM: 3950.1 MB
Available physical RAM: 1599.27 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 4724.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.18 GB) (Free:375.15 GB) NTFS
Drive e: (Volume) (Fixed) (Total:232.88 GB) (Free:112.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 997147F0)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 375BF98C)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================][/CODE]

[CODE
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by Cansel (administrator) on CANSEL-VAIO on 04-10-2014 02:49:14
Running from C:\Users\Cansel\Desktop
Loaded Profile: Cansel (Available profiles: Cansel)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Nori\Nori.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [Mobile Connection Manager] => C:\Program Files (x86)\o2\Mobile Connection Manager\emmsn.exe [3761592 2010-03-25] (Telefónica I+D)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190df-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
HKU\S-1-5-21-2717583150-1332987667-1640195566-1000\...\MountPoints2: {7fe190ea-36d2-11e0-bdf2-c0cb38f4c7a1} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49198;https=127.0.0.1:49198
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default
FF Homepage: hxxp://www.google.com
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Cansel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-08-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-17]
FF Extension: No Name - C:\Users\Cansel\AppData\Roaming\Mozilla\Firefox\Profiles\bs4ylqpe.default\extensions\ODNZSOUV80284234@YL43682704.com [Not Found]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR Profile: C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-10]
CHR Extension: (No Name) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-10]
CHR Extension: (Google Search) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-10]
CHR Extension: (Google Wallet) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (Gmail) - C:\Users\Cansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-08-07] (Samsung Electronics Co., Ltd.) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [194048 2010-03-08] (Telefónica I+D) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2013-02-12] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2013-02-12] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-28] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 23:19 - 2014-10-03 23:19 - 02347384 _____ (ESET) C:\Users\Cansel\Downloads\esetsmartinstaller_deu.exe
2014-10-03 02:35 - 2014-10-03 02:36 - 00051682 _____ () C:\Users\Cansel\Downloads\Addition.txt
2014-10-03 02:33 - 2014-10-03 02:33 - 00000000 ____D () C:\Users\Cansel\Downloads\FRST-OlderVersion
2014-10-03 02:31 - 2014-10-03 02:31 - 00031854 _____ () C:\Users\Cansel\Desktop\mbam.txt
2014-10-03 01:55 - 2014-10-03 02:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 01:55 - 2014-10-03 02:28 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-03 01:55 - 2014-10-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-03 01:55 - 2014-10-03 02:28 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-03 01:55 - 2014-10-03 01:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 01:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 01:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 01:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 01:53 - 2014-10-03 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cansel\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-03 01:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-03 01:29 - 2014-10-03 01:48 - 00000000 ___DC () C:\AdwCleaner
2014-10-03 01:28 - 2014-10-03 01:28 - 01375089 _____ () C:\Users\Cansel\Desktop\AdwCleaner_3.311.exe
2014-10-02 08:39 - 2014-10-02 08:39 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 08:28 - 2014-10-03 22:45 - 00000336 _____ () C:\Windows\setupact.log
2014-10-02 08:28 - 2014-10-02 08:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-02 08:27 - 2014-10-03 22:45 - 00059914 _____ () C:\Windows\PFRO.log
2014-10-02 08:27 - 2014-10-02 08:29 - 00471768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 01:17 - 2014-10-03 02:36 - 00032248 _____ () C:\Users\Cansel\Downloads\FRST.txt
2014-10-02 01:07 - 2014-10-04 02:49 - 00022259 _____ () C:\Users\Cansel\Desktop\FRST.txt
2014-10-02 01:06 - 2014-10-04 02:49 - 00000000 ___DC () C:\FRST
2014-10-02 01:04 - 2014-10-03 02:33 - 02109440 ____C (Farbar) C:\Users\Cansel\Desktop\FRST64.exe
2014-10-01 23:14 - 2014-10-01 23:14 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
2014-10-01 21:52 - 2014-10-01 21:52 - 00122064 _____ () C:\Users\Cansel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 21:37 - 2014-10-02 01:09 - 00061611 _____ () C:\Users\Cansel\Desktop\Addition.txt
2014-09-25 20:47 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-25 20:47 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-23 15:49 - 2014-09-23 15:49 - 00000000 ___DC () C:\ab3649312632ab9b2e1875c0
2014-09-16 17:26 - 2014-09-16 17:26 - 00000000 ___DC () C:\eb6be553422695051bf75c63
2014-09-10 19:51 - 2014-09-23 15:47 - 00000000 ____D () C:\Users\Cansel\Documents\Scan
2014-09-10 10:10 - 2014-09-05 04:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:10 - 2014-09-05 03:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-04 02:33 - 2011-02-07 22:10 - 01498429 _____ () C:\Windows\WindowsUpdate.log
2014-10-04 02:26 - 2011-09-22 09:39 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000UA.job
2014-10-04 02:20 - 2011-02-07 22:16 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{15D7B2EE-0195-4275-86F7-1C2AD8E6FB3C}
2014-10-04 02:16 - 2013-09-10 22:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-04 02:15 - 2012-07-28 14:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-03 23:20 - 2010-11-25 21:39 - 00718652 _____ () C:\Windows\system32\perfh007.dat
2014-10-03 23:20 - 2010-11-25 21:39 - 00157672 _____ () C:\Windows\system32\perfc007.dat
2014-10-03 23:20 - 2009-07-14 07:13 - 00006536 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-03 22:54 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:54 - 2009-07-14 06:45 - 00019536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:52 - 2010-11-25 13:23 - 00000000 ____D () C:\Temp
2014-10-03 22:45 - 2013-09-10 22:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 22:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 02:22 - 2010-11-25 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-03 02:21 - 2012-02-28 01:04 - 00000000 ____D () C:\Program Files (x86)\Vlcclassic
2014-10-03 01:32 - 2014-01-04 04:45 - 00000000 ____D () C:\Windows\system32\log
2014-10-02 15:13 - 2011-09-22 09:39 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2717583150-1332987667-1640195566-1000Core.job
2014-10-02 08:39 - 2011-02-10 23:29 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-02 08:39 - 2010-10-12 19:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-02 08:38 - 2010-11-25 12:52 - 00000000 ____D () C:\Program Files\Sony
2014-10-02 08:38 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-02 08:36 - 2011-04-01 00:31 - 00000000 ____D () C:\Update
2014-10-02 02:00 - 2014-09-02 18:53 - 00000000 ____D () C:\Users\Cansel\Documents\Outlook-Dateien
2014-10-02 00:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-01 19:17 - 2014-01-04 02:24 - 00000000 ___RD () C:\Users\Cansel\Desktop\Systemwartung&Sicherheit
2014-10-01 17:19 - 2013-09-28 01:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-09-25 20:50 - 2013-01-09 03:38 - 00000000 ____D () C:\Users\Cansel\Documents\SelfMV
2014-09-25 20:48 - 2014-09-02 19:51 - 00000000 ___DC () C:\Program Files\SAMSUNG
2014-09-25 15:15 - 2012-07-28 14:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 15:15 - 2012-07-28 14:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 15:15 - 2012-07-28 14:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 15:07 - 2013-11-04 21:21 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-23 17:31 - 2011-02-07 22:11 - 00000000 ____D () C:\Users\Cansel
2014-09-19 12:53 - 2011-10-06 15:39 - 00000000 ____D () C:\Users\Cansel\AppData\Roaming\SoftGrid Client
2014-09-16 21:06 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 17:04 - 2011-07-27 16:44 - 01595628 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 09:06 - 2011-07-29 00:38 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 20:40 - 2014-08-14 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 20:29 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:21 - 2011-02-15 01:37 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Cansel\AppData\Local\Temp\avgnt.exe
C:\Users\Cansel\AppData\Local\Temp\Quarantine.exe
C:\Users\Cansel\AppData\Local\Temp\SHSetup.exe
C:\Users\Cansel\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 20:06

==================== End Of Log ============================
         
--- --- ---

--- --- ---
][/CODE]

Alt 04.10.2014, 23:02   #9
Bootsektor
/// TB-Ausbilder
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Ok, danke.

In deinen Backups steckt was, wenn du die nicht brauchst, bitte löschen und dann neue Backups machen.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe 
C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe 
C:\Users\Cansel\Downloads\SpyHunter-Installer.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




OK
So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.

Schritt 1

Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren.
Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.
Falls nach Delfix noch Programme aus unserer Bereinigung vorhanden sein sollten, kannst du diese nun bedenkenlos löschen.

Updates / Programme aktualisieren


Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Java 7 Update 45
Java(TM) 6 Update 20

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.
  • FlashPlayer
Dein FlashPlayer für den Firefox ( Adobe Flash Player Plugin) ist nicht mehr aktuell.
  • deinstalliere die alten Versionen.
  • öffne mit dem Firefox folgenden Link Adobe - Adobe Flash Player installieren und lade Dir von dort die neueste Version herunter.
  • Falls sich dort etwas anderes als der FlashPlayer noch zusätzlich mitinstallieren möchte, entferne den Haken dort
Aktualisierung einstellen
Stelle sicher, dass dein FlashPlayer nach Updates sucht. Den FlashPlayer kann man direkt bei der Installation so konfigurieren, dass er nach Updates automatisch sucht, nachträglich kann man das über folgenden Link machen:
Adobe - Flash Player: Einstellungsmanager - Globale Benachrichtigungseinstellungen
  • Adobe Reader
Dein Adobe Reader ist veraltet.
Deinstalliere Deinen Reader und lade Dir die neueste Version von hier herunter. Schaue, ob sich noch etwas mit installieren möchte und entferne den Haken gegebenenfalls.
  • Firefox
Dein Firefox ist veraltet, gehe im Firefox auf
  • Hilfe
  • Über Firefox - nun sollte Firefox nach updates suchen, lasse es herunterladen und installiere es, falls es nicht automatisch geschieht
Alternativ:
Lade dir bitte von hier den aktuellen Firefox herunter.

Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
  • verwende für jede Anwendung und jeden Account ein anderes Passwort
  • ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
  • speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
  • ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen
  • benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
  • verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben


Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
  • Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Java
Du hattest eine veraltete Java-Version auf dem Rechner die wir in einem der vorherigen Schritte deinstalliert haben, denn Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.

Falls du Java doch unbedingt benötigst, dann
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 65 ) herunter laden.
  • Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.
und sorge dafür, dass Java automatisch updated.
Dazu:
  • öffne Java
  • klicke auf den Reiter Update
  • klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
  • klicke auf Erweitert
  • ändere das Intervall mindestens auf wöchentlich
und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.

Antivirensoftware
  • Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz
  • MalwareBytes Anti-Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
    Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.


Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows.
Windows Vista
  • Klicke unten links auf das Vistasymbol
  • Gehe auf Programme -> Zubehör -> Systemprogramme -> Datenträgerbereinigung
  • Wähle nun Dateien von allen Benutzern des Computers aus und bestätige mit OK
  • Setze den Haken bei den zu löschenden Dateien zusätzlich bei Temporäre Dateien
  • Bestätige mit OK
  • Bestätige dass du die Dateien unwiderruflich löschen möchtest

Windows 7
  • Gehe auf das Windowsstartsymbol
  • Gebe im Suchfeld Datenträgerrereinigung ein
  • Setze den Haken zusätzlich bei Temporäre Dateien
  • Bestätige mit OK

Windows 8
  • Rechtsklicke in die untere linke Ecke deines Bildschirms
  • Klicke auf Suchen
  • Klicke auf Einstellungen
  • Gebe im Suchfeld Datenträgerbereinigung ein
  • Klicke in den Einstellungen auf der linken Seite nun auf Speicherplatz durch Löschen nicht erforderlicher Dateien freigeben
  • Setze den Haken zusätzlich bei Temporäre Dateien
  • Bestätige mit OK
  • Bestätige dass du die Dateien unwiderruflich löschen möchtest


Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
  • Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

Alt 21.10.2014, 22:32   #10
sedafrost
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo Sandra,
sorry das ich mich erst jetzt wieder melde, aber war für länger weg.
So hier erstmal der erste Abschnitt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-10-2014
Ran by Cansel at 2014-10-21 23:26:24 Run:2
Running from C:\Users\Cansel\Desktop
Loaded Profile: Cansel (Available profiles: Cansel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe
C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe
C:\Users\Cansel\Downloads\SpyHunter-Installer.exe

*****************

C:\Users\Cansel\Downloads\SpyHunter-Installer (2).exe => Moved successfully.
C:\Users\Cansel\Downloads\SpyHunter-Installer (1).exe => Moved successfully.
C:\Users\Cansel\Downloads\SpyHunter-Installer.exe => Moved successfully.

==== End of Fixlog ====


Sobald ich den Rest erledigt habe melde ich mich wieder bei dir, Danke!

Alt 21.10.2014, 22:34   #11
Bootsektor
/// TB-Ausbilder
 
Automatische Lastschrift konnte nicht geöffnet werden! - Standard

Automatische Lastschrift konnte nicht geöffnet werden!



Hallo,

Alles klar und vielen Dank für die Rückmeldung

Antwort

Themen zu Automatische Lastschrift konnte nicht geöffnet werden!
fehlercode 22, fehlercode 28, fehlercode windows, inf/autorun.gen, js/toolbar.crossrider.b, pup.optional.1clickmoviedownloader.a, pup.optional.clickmvd.a, pup.optional.crossrider.a, pup.optional.plushd.a, pup.optional.pricepeep.a, quarantäne, spyhunter, spyhunter entfernen, this device cannot start. (code10), this device is disabled. (code 22), tr/matsnu.a.216, trojan.fakevlc, trojaner im anhang, win32/adware.bundlore, win32/adware.toolplugin, win32/toolbar.searchsuite



Ähnliche Themen: Automatische Lastschrift konnte nicht geöffnet werden!


  1. C:\swapfile.sys [WARNUNG] Die Datei konnte nicht geöffnet werden!
    Log-Analyse und Auswertung - 09.05.2015 (5)
  2. Die automatische Lastschrift konnte nicht durchgeführt werden
    Plagegeister aller Art und deren Bekämpfung - 04.10.2014 (14)
  3. bat=exe konnte nicht gefunden werden.
    Plagegeister aller Art und deren Bekämpfung - 27.07.2014 (23)
  4. Win8: Nach Trojanerbefall bei Antivir Fehlermeldung C:\swapfile.sys konnte nicht geöffnet werden
    Log-Analyse und Auswertung - 22.04.2014 (14)
  5. Antivir: Warnung swapfile.sys konnte nicht geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 20.11.2013 (11)
  6. Seite konnte nicht geladen werden, Abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (2)
  7. Seite konnte nicht geladen werden, Abgesicherter Modus geht nicht
    Alles rund um Windows - 16.03.2012 (16)
  8. Abhängigkeitsdienst konnte nicht gestartet werden!
    Plagegeister aller Art und deren Bekämpfung - 22.02.2011 (5)
  9. HiJackThis 2.0.4: INSTALL.LOG konnte nicht geöffnet werden
    Log-Analyse und Auswertung - 18.05.2010 (0)
  10. "Dieses Installations Paket konnte nicht geöffnet werden" - Problem
    Alles rund um Windows - 02.04.2010 (10)
  11. copy.exe konnte nicht gefunden werden.
    Log-Analyse und Auswertung - 31.10.2009 (1)
  12. Avira-Warnung->Datein konnte nicht geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 11.01.2009 (12)
  13. AntiMalware kan nicht geöffnet werden, System stürzt ab und nfach geöffnet
    Log-Analyse und Auswertung - 10.01.2009 (29)
  14. Automatische Windows-Updates können nicht aktiviert werden
    Log-Analyse und Auswertung - 01.01.2009 (3)
  15. Automatische Windows Updates können nicht aktiviert werden!
    Log-Analyse und Auswertung - 03.06.2008 (11)
  16. datei install.log konnte nicht geöffnet werden, Hiiilfe !!
    Plagegeister aller Art und deren Bekämpfung - 20.03.2006 (7)
  17. Suchseite konnte nicht geöffnet werden
    Log-Analyse und Auswertung - 21.01.2005 (3)

Zum Thema Automatische Lastschrift konnte nicht geöffnet werden! - Hallo, ich glaube, ich habe großen Mist gebaut... Habe heute aus Schreck einfach den Anhang gespeichert und geöffnet, wirklich aufmachen ließ es sich nicht... und das er von Facebook stammen - Automatische Lastschrift konnte nicht geöffnet werden!...
Archiv
Du betrachtest: Automatische Lastschrift konnte nicht geöffnet werden! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.