Virus/Viren, z.B. SmartSaver eingefangen

Jami87 · 22.03.2015, 11:59

Naja, wenn ich sämtliche private Dateien in den Papierkorb schiebe und dort lösche, sind sie ja wiederherstellbar. Mag nicht, dass jemand meine Bilder, Dokumente, etc. irgendwann nochmal ausliest (auch wenn nichts besonderes dabei ist, aber das sind ja doch persönliche Dateien...).

Ist der PC denn jetzt frei von Viren bzw. was sagt die FRST - Datei aus?

schrauber · 22.03.2015, 17:50

Nein, sauber ist er nicht, du hast wieder Adware erwischt irgendwo. Also private Daten löschen meinst Du wenn du den Rechner entsorgst?

EInfach mit der Windows DVD oder sonst einer DVD eines Betriebssystems formatieren, dann sind die Daten weg.

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Iminent
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Jami87 · 22.03.2015, 19:53

Schon wieder Adware? Ich war doch kaum am PC, da er doch ohnehin nicht ging?!?

Das mit der Windows-DVD, etc. scheint aber kompliziert zu sein :-( (Die muss man ja erstmal irgendwo her bekommen, etc.) Geht das nicht einfacher? Ich hatte nun z.B. von "Secure Eraser" gehört und dies runtergeladen - was hältst du von sowas?

Das "Iminent" finde ich leider nicht?!?

Bei Malwaebytes wurde nun wieder was mit/von Vosteran gefunden?!?

Code:

ATTFilter

alwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.03.2015
Suchlauf-Zeit: 18:58:27
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2015.03.22.03
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: *****-*****

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 246398
Verstrichene Zeit: 20 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.Vosteran.A, C:\Users\*****-*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://vosteran.com/?f=1&a=&cd=&cr=&ir=",), Ersetzt,[fe8d2622ec9e7db9400d2909f80efc04]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Was auch komisch ist: Wenn ich den Deckel schließe, ist der Laptop immer in den Energiesparmodus gegangen. Komischerweise geht das jetzt nicht mehr und lässt sich auch nicht mehr einstellen (die Option "Energie sparen" fehlt bei den Einstellungen auf einmal).

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.112 - Bericht erstellt 22/03/2015 um 19:36:38
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-22.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : *****-***** 2 - *****
# Gestarted von : C:\Users\*****-*****\Downloads\AdwCleaner_4.112.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\*****-*****\AppData\Roaming\Tobit
Datei Gelöscht : C:\Windows\DtcInstall.log
Datei Gelöscht : C:\Windows\TSSysprep.log
Datei Gelöscht : C:\Users\*****-*****\AppData\Roaming\Mozilla\Firefox\Profiles\mdoh89q4.default\invalidprefs.js
Datei Gelöscht : C:\Users\*****-*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
Datei Gelöscht : C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
Datei Gelöscht : C:\Users\*****-*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal
Datei Gelöscht : C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v9.0.8112.16633


-\\ Mozilla Firefox v13.0.1 (de)


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [52664 Bytes] - [14/03/2015 15:25:35]
AdwCleaner[R1].txt - [1962 Bytes] - [22/03/2015 19:25:43]
AdwCleaner[S0].txt - [54143 Bytes] - [14/03/2015 15:29:38]
AdwCleaner[S1].txt - [1846 Bytes] - [22/03/2015 19:36:38]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1905  Bytes] ##########

--- --- ---

schrauber · 23.03.2015, 13:45

Mit dem Programm kannste das auch machen. Aber sag mir bitte Bescheid. Wenn Du das machen willst können wir uns die Arbeit hier ja sparen

Jami87 · 23.03.2015, 19:29

Naja, das möchte ich ja nur machen, wenn der PC gar nicht mehr gehen sollte. Zudem dachte ich, dass ich damit ein paar Dateien löschen kann, ohne, dass gleich alles weg ist?!?

JRT funktioniert mal wieder nicht - ich versuche es gleich nochmal...

Was mache ich denn jetzt mit dem "Iminent", was nicht zu finden ist?

schrauber · 24.03.2015, 09:58

Das entfernen wir von Hand. Poste bitte das frische FRST log.

Jami87 · 24.03.2015, 19:31

Ok, ich mache das mit dem FRST dann jetzt nochmal... Das JRT stürzt immer ab bzw. der PC ist schneller und zeigt immer vor Beendigung des Programms nur noch Streifen :-(.

Ich verstehe auch nicht, dass er mal geht und mal nicht... Heute lief er 2h nur mit Streifen (habe mal gewartet, ob nochwas passiert) und ohne, dass ich etwas gemacht habe, kam auf einmal ein Bild... Genauso schnell wird das aber bald auch wieder weg sein :-(

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by *****-***** 2 (administrator) on ***** on 24-03-2015 19:25:10
Running from c:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
() C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
() C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-01-18] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [139944 2010-01-18] ()
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [217088 2009-04-11] (Microsoft Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905920 2012-06-05] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Akamai NetSession Interface] => C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Amazon Cloud Player] => C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON SX430 Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [212480 2012-05-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vosteran.com/?f=1&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyDyEyEtByEzyyCyByCyCyDzyyD0BtCzytN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFyBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EyCyE0DyE0EtGtAzy0AzztG0AtCzztCtGyCtAtC0AtGyCyEyDtDtC0AtB0C0Fzz0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0E0F0AyC0CzztGyDtAzzyCtGyEyD0D0CtGzyzzyCtAtGyDtD0Bzyzz0EzzyCzzyByEtD2Q&cr=1074813290&ir=
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.club-vaio.com
hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {399AFF92-3607-4429-B2E3-99BECE8D2374} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {53DBFD01-FF03-4A5F-8F4B-7BF8E909A975} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {C4802B53-BBDC-409E-B3EF-57C0B6708018} URL = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {E6BFE530-DE68-4D85-A111-513CA45EFAF0} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-16] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Google BAE\BAE.dll [2006-06-23] (Your Company Name)
BHO: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-01-25] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\*****-***** 2\AppData\Roaming\Mozilla\Firefox\Profiles\4qlxy2p6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-07-12] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-16] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3850073437-3280287025-709413035-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-09] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-06-04] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml [2010-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-12-12]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{D250ED92-1791-42C4-B441-E90BF89B9BEF}] - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF}
FF Extension: XULRunner - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF} [2011-04-02]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-31]
CHR Extension: (Google Docs) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-31]
CHR Extension: (Google Drive) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-31]
CHR Extension: (YouTube) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-31]
CHR Extension: (Google Search) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-31]
CHR Extension: (Google Sheets) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-31]
CHR Extension: (Avira Browser Safety) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-31]
CHR Extension: (Gmail) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com) [File not signed]
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe [443752 2008-08-18] (DisplayLink Corp.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake) [File not signed]
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-26] (Google)
S2 gupdate1ca0ac0f00c0a80; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [598696 2010-01-07] ( )
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S4 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-13] (SigmaTel, Inc.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-12] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292152 2007-07-05] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [287856 2008-08-18] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13424 2008-08-18] (DisplayLink Corp.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-14] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S3 s3017mgmt; C:\Windows\System32\DRIVERS\s3017mgmt.sys [104616 2007-12-10] (MCCI Corporation)
S3 s3017nd5; C:\Windows\System32\DRIVERS\s3017nd5.sys [25512 2007-12-10] (MCCI Corporation)
S3 s3017obex; C:\Windows\System32\DRIVERS\s3017obex.sys [100648 2007-12-10] (MCCI Corporation)
S3 s3017unic; C:\Windows\System32\DRIVERS\s3017unic.sys [110120 2007-12-10] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-13] (SigmaTel, Inc.)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [468096 2007-11-15] (Syntek)
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\*****-~2\AppData\Local\Temp\catchme.sys [X]
S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 18:21 - 2015-03-24 18:22 - 00000000 ____D () C:\61ecd8660e75c4c583c1
2015-03-23 19:57 - 2015-03-23 19:57 - 00207856 _____ () C:\Windows\Minidump\Mini032315-01.dmp
2015-03-22 19:54 - 2015-03-22 19:55 - 01388672 _____ (Thisisu) C:\Users\*****-*****\Downloads\JRT.exe
2015-03-22 19:24 - 2015-03-22 19:24 - 02171392 _____ () C:\Users\*****-*****\Downloads\AdwCleaner_4.112.exe
2015-03-22 19:21 - 2015-03-22 19:25 - 00001416 _____ () C:\Users\*****-*****\Desktop\mbam.txt
2015-03-22 18:52 - 2015-03-22 18:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\*****-*****\Downloads\revosetup95.exe
2015-03-22 11:40 - 2015-03-22 11:40 - 00000000 ____D () C:\Users\*****-*****\Documents\Ulead VideoStudio SE
2015-03-22 11:39 - 2015-03-22 11:39 - 00000000 ____D () C:\Users\*****-*****\Documents\Bluetooth-Exchange-Ordner
2015-03-21 21:03 - 2015-03-21 21:27 - 00061948 _____ () C:\Users\*****-*****\Downloads\Addition.txt
2015-03-21 20:55 - 2015-03-24 19:27 - 00034826 _____ () C:\Users\*****-*****\Downloads\FRST.txt
2015-03-21 20:54 - 2015-03-24 19:25 - 00000000 ____D () C:\FRST
2015-03-21 20:54 - 2015-03-21 20:54 - 01135104 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST.exe
2015-03-21 20:52 - 2015-03-21 20:52 - 02095616 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST64(1).exe
2015-03-21 20:51 - 2015-03-21 20:52 - 02095616 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST64.exe
2015-03-21 20:21 - 2015-03-21 20:21 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\ASCOMP Software
2015-03-21 20:19 - 2015-03-21 20:19 - 00001942 _____ () C:\Users\Public\Desktop\Secure Eraser.lnk
2015-03-21 20:19 - 2015-03-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
2015-03-21 20:19 - 2015-03-21 20:19 - 00000000 ____D () C:\Program Files\ASCOMP Software
2015-03-21 20:13 - 2015-03-21 20:13 - 04233064 _____ (ASCOMP Software GmbH ) C:\Users\*****-*****\Downloads\sEraser4201.exe
2015-03-21 20:13 - 2015-03-21 20:13 - 04233064 _____ (ASCOMP Software GmbH ) C:\Users\*****-*****\Downloads\sEraser4201(1).exe
2015-03-21 19:33 - 2015-03-21 19:33 - 00000552 _____ () C:\Users\*****-*****\AppData\Local\d3d8caps.dat
2015-03-20 19:36 - 2009-05-26 11:35 - 01079840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpluir.dll
2015-03-20 19:36 - 2009-05-26 11:35 - 00760352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcplui.exe
2015-03-20 19:36 - 2009-05-26 11:35 - 00420384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.cpl
2015-03-20 19:36 - 2009-05-26 11:35 - 00313888 _____ (NVIDIA Corporation) C:\Windows\system32\nvexpbar.dll
2015-03-16 19:42 - 2015-03-16 19:42 - 00002972 _____ () C:\Users\*****-*****\Desktop\Fixlist.txt
2015-03-15 21:50 - 2015-03-15 21:50 - 00138584 _____ () C:\Windows\Minidump\Mini031515-01.dmp
2015-03-14 15:25 - 2015-03-22 19:36 - 00000000 ____D () C:\AdwCleaner
2015-03-14 13:02 - 2015-03-14 13:03 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 13:00 - 2015-03-14 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-14 13:00 - 2015-03-14 13:00 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-03-14 13:00 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-14 13:00 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 23:17 - 2015-03-13 23:17 - 00002080 _____ () C:\Users\*****-*****\Desktop\ComboFix - Verknüpfung.lnk
2015-03-13 22:47 - 2015-03-13 22:49 - 00207325 _____ () C:\Users\*****-***** 2\Desktop\combofix.txt
2015-03-13 22:44 - 2015-03-13 22:44 - 00207509 _____ () C:\ComboFix.txt
2015-03-13 22:06 - 2015-03-13 22:44 - 00000000 ____D () C:\ComboFix
2015-03-13 22:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 22:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 22:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 22:01 - 2015-03-13 22:44 - 00000000 ____D () C:\Qoobox
2015-03-13 21:24 - 2015-03-13 21:24 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\Swiss Academic Software
2015-03-13 21:09 - 2015-03-22 18:52 - 00001057 _____ () C:\Users\*****-***** 2\Desktop\Revo Uninstaller.lnk
2015-03-13 21:09 - 2015-03-22 18:52 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-13 19:55 - 2015-03-13 19:55 - 00138584 _____ () C:\Windows\Minidump\Mini031315-02.dmp
2015-03-13 19:18 - 2015-03-13 19:18 - 00142704 _____ () C:\Windows\Minidump\Mini031315-01.dmp
2015-03-12 21:34 - 2015-03-12 21:34 - 00007809 _____ () C:\Users\*****-***** 2\Desktop\gmer.txt
2015-03-12 19:48 - 2015-03-12 19:49 - 00000492 _____ () C:\Windows\system32\defogger_disable.log
2015-03-12 19:48 - 2015-03-12 19:48 - 00000000 _____ () C:\Users\*****-***** 2\defogger_reenable
2015-03-11 21:06 - 2015-03-11 21:06 - 00142704 _____ () C:\Windows\Minidump\Mini031115-01.dmp
2015-03-11 19:55 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 19:51 - 2015-01-29 02:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 19:44 - 2015-02-26 01:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 17:14 - 2015-02-20 03:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 17:14 - 2015-02-20 01:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 17:10 - 2015-02-26 03:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 17:10 - 2015-02-26 03:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 17:10 - 2015-01-09 03:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 17:10 - 2015-01-09 01:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 17:08 - 2015-01-21 03:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 17:05 - 2015-03-06 05:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 17:03 - 2014-10-13 02:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 17:02 - 2015-02-18 03:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:52 - 2015-03-13 22:29 - 00000000 ____D () C:\Program Files\861437cb-3ee3-405d-bcea-149a4dc68fde
2015-03-10 23:51 - 2015-03-11 19:50 - 00000000 ____D () C:\ProgramData\{c5d7b5bd-e56a-bd77-c5d7-7b5bde56d6f7}
2015-03-10 21:26 - 2015-02-21 18:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 21:26 - 2015-02-21 18:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-10 21:26 - 2015-02-21 18:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 21:26 - 2015-02-21 18:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 21:26 - 2015-02-21 18:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 21:26 - 2015-02-21 18:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 21:26 - 2015-02-21 18:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 21:26 - 2015-02-21 18:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-10 21:26 - 2015-02-21 18:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 21:26 - 2015-02-21 18:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 21:26 - 2015-02-21 18:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-10 21:26 - 2015-02-21 18:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-10 21:26 - 2015-02-21 18:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00139088 _____ () C:\Windows\Minidump\Mini030915-01.dmp
2015-03-08 11:03 - 2015-03-08 11:03 - 00209608 _____ () C:\Windows\Minidump\Mini030815-01.dmp
2015-03-06 15:42 - 2015-03-06 15:42 - 00001879 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 19:22 - 2011-06-30 11:07 - 00001356 _____ () C:\Users\*****-*****\AppData\Local\d3d9caps.dat
2015-03-24 19:18 - 2009-07-22 12:50 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-24 19:05 - 2013-02-05 20:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 19:00 - 2008-02-06 14:54 - 01649719 _____ () C:\Windows\WindowsUpdate.log
2015-03-24 18:49 - 2011-01-02 17:31 - 00193340 _____ () C:\ProgramData\lxeascan.log
2015-03-24 18:48 - 2013-07-13 10:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job
2015-03-24 18:32 - 2006-11-02 11:33 - 01623482 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 18:24 - 2007-07-20 15:28 - 01557716 _____ () C:\Windows\PFRO.log
2015-03-24 18:24 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-24 18:24 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-24 18:24 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 19:57 - 2008-05-16 21:19 - 00000000 ____D () C:\Windows\Minidump
2015-03-23 19:56 - 2010-08-25 18:12 - 278907883 _____ () C:\Windows\MEMORY.DMP
2015-03-23 19:23 - 2008-02-06 16:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.001
2015-03-22 21:43 - 2007-07-20 14:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-03-22 21:43 - 2006-11-02 14:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-22 18:06 - 2010-08-25 19:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-22 12:35 - 2011-08-30 05:40 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-03-21 21:28 - 2008-02-16 14:49 - 00002631 _____ () C:\Users\*****-*****\Desktop\Microsoft Office Word 2007.lnk
2015-03-21 20:31 - 2008-02-06 16:25 - 00000000 ____D () C:\Users\*****-*****
2015-03-21 20:23 - 2012-06-01 17:32 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\Adobe
2015-03-21 20:23 - 2012-05-23 06:59 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Local\Adobe
2015-03-21 19:59 - 2011-07-16 17:42 - 00125952 _____ () C:\Users\*****-*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-21 19:49 - 2009-06-09 20:21 - 00000000 ____D () C:\Users\*****-*****\dwhelper
2015-03-21 19:05 - 2012-06-01 20:49 - 00000017 ____H () C:\Windows\system32\servdat.slm
2015-03-21 13:36 - 2006-11-02 11:22 - 66846720 _____ () C:\Windows\system32\config\software_previous
2015-03-21 13:36 - 2006-11-02 11:22 - 52166656 _____ () C:\Windows\system32\config\system_previous
2015-03-21 13:35 - 2013-07-25 22:43 - 00000000 ____D () C:\ProgramData\Netzmanager
2015-03-21 13:35 - 2013-06-21 13:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-21 13:35 - 2012-06-24 10:07 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Akamai
2015-03-21 13:35 - 2012-05-23 06:59 - 00000000 ____D () C:\Users\*****-***** 2
2015-03-21 13:35 - 2011-05-25 12:59 - 00000000 ____D () C:\ProgramData\Ulead Systems
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-03-21 13:29 - 2006-11-02 11:22 - 49283072 _____ () C:\Windows\system32\config\components_previous
2015-03-21 13:29 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-03-21 13:27 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-03-21 10:32 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2015-03-20 19:15 - 2006-11-02 13:52 - 00113370 _____ () C:\Windows\setupact.log
2015-03-16 19:50 - 2008-09-01 21:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-14 16:43 - 2015-01-31 17:40 - 00001963 _____ () C:\Users\*****-***** 2\Desktop\Google Chrome.lnk
2015-03-14 16:43 - 2012-05-23 06:59 - 00000944 _____ () C:\Users\*****-***** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-14 15:29 - 2009-07-22 12:09 - 00000000 ____D () C:\ProgramData\ICQ
2015-03-14 13:00 - 2012-05-07 19:58 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-14 13:00 - 2012-05-07 19:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 22:39 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 22:29 - 2012-09-29 13:22 - 00000000 ____D () C:\Program Files\7-Zip2
2015-03-13 22:24 - 2010-03-04 19:47 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-11 20:31 - 2006-11-02 13:47 - 00397352 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 19:54 - 2007-07-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 19:43 - 2013-07-26 08:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 19:01 - 2008-02-06 16:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.dat
2015-03-11 17:16 - 2006-11-02 11:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-10 23:53 - 2012-05-23 06:59 - 00043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001
2015-03-10 20:05 - 2015-02-21 12:36 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-10 20:05 - 2015-02-21 12:36 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-07 21:58 - 2008-02-10 11:56 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Skype
2015-03-07 17:01 - 2011-03-01 16:18 - 00045024 _____ () C:\ProgramData\lxea.log
2015-03-06 15:48 - 2007-07-20 14:51 - 00794682 _____ () C:\Windows\DPINST.LOG
2015-03-06 15:42 - 2007-07-20 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-03-06 15:41 - 2007-07-20 15:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-01 19:08 - 2010-01-02 10:33 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-02-24 04:23 - 2009-10-03 01:27 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-05-23 06:59 - 2015-03-10 23:53 - 0043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001
2012-05-23 06:59 - 2007-08-06 14:21 - 0042479 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.dat
2012-06-30 10:35 - 2012-06-30 10:35 - 0000022 ___SH () C:\Users\*****-***** 2\AppData\Roaming\Windows1569_SettingsRepository.bin
2012-05-23 06:59 - 2015-02-20 20:48 - 0002032 _____ () C:\Users\*****-***** 2\AppData\Local\d3d9caps.dat
2012-05-23 06:59 - 2007-08-06 14:06 - 0018944 _____ () C:\Users\*****-***** 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-30 10:35 - 2012-06-30 10:35 - 0000000 _____ () C:\Users\*****-***** 2\AppData\Local\jv16PT_temp.tmp
2008-02-21 11:45 - 2008-02-21 11:45 - 0000305 _____ () C:\ProgramData\addr_file.html
2009-02-05 21:42 - 2009-02-05 21:42 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
2011-01-02 17:39 - 2011-01-02 17:39 - 0000252 _____ () C:\ProgramData\FastPics.log
2011-03-01 16:18 - 2015-03-07 17:01 - 0045024 _____ () C:\ProgramData\lxea.log
2011-01-02 17:40 - 2011-01-02 17:42 - 0000438 _____ () C:\ProgramData\lxeaDiagnostics.log
2011-01-02 17:44 - 2011-06-02 09:10 - 0004439 _____ () C:\ProgramData\lxeaJSW.log
2011-01-02 17:31 - 2015-03-24 18:49 - 0193340 _____ () C:\ProgramData\lxeascan.log
2011-01-02 17:27 - 2011-01-02 17:27 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\*****-*****\AppData\Local\temp\avgnt.exe
C:\Users\*****-***** 2\AppData\Local\temp\Quarantine.exe
C:\Users\*****-***** 2\AppData\Local\temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 18:54

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 25.03.2015, 12:25

wie gesagt, Hardware oder Treiber verursachen das.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Jami87 · 26.03.2015, 19:41

Der Pc geht schon wieder nicht mehr - melde mich wieder, falls ich nochmal was erkennen kann :-(

schrauber · 27.03.2015, 10:35

ok.

Jami87 · 27.03.2015, 18:22

Hallo nochmal,

sag mal, ich habe nochmal ein wenig gegoogelt: Wenn ich den PC "entsorgen" wollen sollte oder doch zur Reperatur geben: Ich kann ja eigentlich einfach die Festplatte herausnehmen, wenn ich nicht möchte, dass jmd. an die Daten kommt, oder? Oder sind die Daten noch woanders gespeichert?

schrauber · 28.03.2015, 03:28

Nee, nur auf der Platte

Jami87 · 28.03.2015, 15:22

Laptop geht gerade wieder mal:

Also:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.97  
 Windows Vista Service Pack 2 x86   
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 SUPERAntiSpyware     
 Secunia PSI (2.0.0.4002)   
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.305  
 Mozilla Firefox (36.0.4) 
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.89) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe  
 ESET ESET Online Scanner OnlineCmdLineScanner.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Das mit den Updates habe ich noch nicht so richtig hinbekommen :-(

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3d83703d8e9a2b42adc31e9054d2558f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-09 08:46:07
# local_time=2012-05-09 10:46:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 125694743 125694743 0 0
# compatibility_mode=1792 16777215 100 0 1128022 1128022 0 0
# compatibility_mode=5892 16776573 100 100 154443 174075447 0 0
# compatibility_mode=8192 67108863 100 0 39669 39669 0 0
# scanned=251245
# found=11
# cleaned=0
# scan_time=10448
C:\Users\*****-*****\AppData\Local\Temp\FreemakeVideoConverter_3.0.1.3.exe	Win32/Toolbar.Zugo application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\AppData\Local\Temp\ICReinstall\Facemoods.exe	probably a variant of Win32/InstallCore.A application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\AppData\Local\Temp\is1293846689\MyBabylonTB.exe	Win32/Toolbar.Babylon application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Facemoods(1).exe	probably a variant of Win32/InstallCore.A application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Facemoods.exe	probably a variant of Win32/InstallCore.A application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe	Win32/StartPage.OIE trojan (unable to clean)	00000000000000000000000000000000	I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=45315
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3d83703d8e9a2b42adc31e9054d2558f
# engine=22917
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-15 08:00:08
# local_time=2015-03-15 09:00:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 167110 263982336 0 0
# scanned=328209
# found=41
# cleaned=0
# scan_time=21926
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=43A205985790C47A7E611FA2D3CAB9B4EB59121F ft=1 fh=5bd497922ffc5928 vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\BExternal.dll.vir"
sh=1B2801DD02E9D9B7F27789ED161BC1761943E921 ft=1 fh=8073091e54552e56 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\IECookieLow.dll.vir"
sh=3A9D7D4639B5EB8BEC42DF972C44493690EAADFC ft=1 fh=b8a59cf28e1dc165 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\Setup.exe.vir"
sh=609F2D4B1AE5C7177C44CCAF9309EFD16FC9E42D ft=1 fh=8551c46845849e5f vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe.vir"
sh=22B1B0EAFDBB1229336F9D8187F9905A5DDEDF89 ft=1 fh=406c1e66a46fc082 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe.vir"
sh=88CA2B9C5E587306B08CF6EA239CA72775495695 ft=1 fh=b15f3040528a74fd vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe.vir"
sh=A2F035C707F31E9CCBD09E17A9F645A25EBB636A ft=1 fh=c71c0011cd2e60c0 vn="Win32/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport.exe.vir"
sh=F7AF09F36F4983DB24F389676D2D6EFF067C672D ft=1 fh=8ed8b1cf87d17603 vn="Win32/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport_deskband_x32.dll.vir"
sh=47B40F8180A8413DFB3B51EB9BFF551D887BCA76 ft=1 fh=edd7ecef82c6227b vn="Win64/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport_deskband_x64.dll.vir"
sh=6408D61C9809E743126596AF762ABA61C67626F2 ft=1 fh=11b2d7f1750c67b8 vn="Win32/Adware.DsiLoad.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\*****-*****\AppData\Local\dsisetup38304172.exe.vir"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\AppData\Roaming\PWKN"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\AppData\Roaming\VM"
sh=C07194A512E1C3A23F740679260BD3B75B6F9FAB ft=1 fh=83f7d6f91ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe"
sh=4C5833324A666FAB1CBFE2795F34DCABFAF13490 ft=1 fh=86d131aa1ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe"
sh=F53F848DCDB4D466AB039A57FDDF238C42F64EA1 ft=1 fh=9084f26b1ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe"
sh=5F80BC3A714EAD6927AF2B94E29935F1D9C370BC ft=1 fh=3be73f1765228613 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\dvdburnersetup.exe"
sh=DC69F69E0FE7B153118C9F4D4E59318027CF29C1 ft=1 fh=e9313ee6409597e8 vn="Variante von Win32/FileTypeAssistant.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe"
sh=1951424B2C9396E09E6ED9BC84BE3D9A04F7632B ft=1 fh=81e0d6a2d98bff1e vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe"
sh=BCF43267B4416C6DDEFAAD5AE0A63E3F682C5BB0 ft=1 fh=905be375e5c80006 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe"
sh=507B6AD46C471804A48A6E7A4D17E1C0B3B7FE74 ft=1 fh=250619b7b5b96cd4 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe"
sh=6E90290E07E48BB51F655F8AD95DB762E97EABDE ft=1 fh=310600cd9c667158 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe"
sh=5FE3697374F6214D585EE6AD59892411759B4BCF ft=1 fh=cac44e7c93cae1e1 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe"
sh=5293DBC3B6E7824E985FD8FE8492D6DEF5BC7997 ft=1 fh=f64f4ef2e6cded2b vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe"
sh=C318C520B070146647C507B109917F4B957608FC ft=1 fh=f64f4ef2667e41f3 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe"
sh=328F1D9F544072C3114AB566BDE439FDBF19FD37 ft=1 fh=208c1d4f316d1e8c vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe"
sh=9BD1B78D00939FF1FA5E98095A34FAD54E4B3C82 ft=1 fh=ee24dfeba0a60a5e vn="Win32/StartPage.OIE Trojaner" ac=I fn="C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe"
sh=E97CC11C632E8616FBAF26FA7FF2EE43D4A485CB ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\183409c.msi"
sh=609F2D4B1AE5C7177C44CCAF9309EFD16FC9E42D ft=1 fh=8551c46845849e5f vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe"
sh=22B1B0EAFDBB1229336F9D8187F9905A5DDEDF89 ft=1 fh=406c1e66a46fc082 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe"
sh=88CA2B9C5E587306B08CF6EA239CA72775495695 ft=1 fh=b15f3040528a74fd vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe"
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3d83703d8e9a2b42adc31e9054d2558f
# engine=23127
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-28 02:05:06
# local_time=2015-03-28 03:05:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 0 265084234 0 0
# scanned=273339
# found=40
# cleaned=0
# scan_time=13215
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\AppData\Roaming\PWKN.xBAD"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\AppData\Roaming\VM.xBAD"
sh=C07194A512E1C3A23F740679260BD3B75B6F9FAB ft=1 fh=83f7d6f91ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe.xBAD"
sh=4C5833324A666FAB1CBFE2795F34DCABFAF13490 ft=1 fh=86d131aa1ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe.xBAD"
sh=F53F848DCDB4D466AB039A57FDDF238C42F64EA1 ft=1 fh=9084f26b1ffcac4f vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe.xBAD"
sh=5F80BC3A714EAD6927AF2B94E29935F1D9C370BC ft=1 fh=3be73f1765228613 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\dvdburnersetup.exe.xBAD"
sh=DC69F69E0FE7B153118C9F4D4E59318027CF29C1 ft=1 fh=e9313ee6409597e8 vn="Variante von Win32/FileTypeAssistant.A evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe.xBAD"
sh=1951424B2C9396E09E6ED9BC84BE3D9A04F7632B ft=1 fh=81e0d6a2d98bff1e vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\FreeYouTubeDownload.exe.xBAD"
sh=BCF43267B4416C6DDEFAAD5AE0A63E3F682C5BB0 ft=1 fh=905be375e5c80006 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe.xBAD"
sh=507B6AD46C471804A48A6E7A4D17E1C0B3B7FE74 ft=1 fh=250619b7b5b96cd4 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup19_FreeConverter.exe.xBAD"
sh=6E90290E07E48BB51F655F8AD95DB762E97EABDE ft=1 fh=310600cd9c667158 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe.xBAD"
sh=5FE3697374F6214D585EE6AD59892411759B4BCF ft=1 fh=cac44e7c93cae1e1 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe.xBAD"
sh=5293DBC3B6E7824E985FD8FE8492D6DEF5BC7997 ft=1 fh=f64f4ef2e6cded2b vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe.xBAD"
sh=C318C520B070146647C507B109917F4B957608FC ft=1 fh=f64f4ef2667e41f3 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe.xBAD"
sh=C7AC35C8F75514310C3BF0D1EAEDE4F82F1AE8A1 ft=1 fh=c9a22512e1bbe0c4 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe.xBAD"
sh=328F1D9F544072C3114AB566BDE439FDBF19FD37 ft=1 fh=208c1d4f316d1e8c vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe.xBAD"
sh=9BD1B78D00939FF1FA5E98095A34FAD54E4B3C82 ft=1 fh=ee24dfeba0a60a5e vn="Win32/StartPage.OIE Trojaner" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe.xBAD"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe.xBAD"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe.xBAD"
sh=609F2D4B1AE5C7177C44CCAF9309EFD16FC9E42D ft=1 fh=8551c46845849e5f vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe.xBAD"
sh=22B1B0EAFDBB1229336F9D8187F9905A5DDEDF89 ft=1 fh=406c1e66a46fc082 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe.xBAD"
sh=88CA2B9C5E587306B08CF6EA239CA72775495695 ft=1 fh=b15f3040528a74fd vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3850073437-3280287025-709413035-1003\$RWH20B9\Quarantine\C\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe.xBAD"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=43A205985790C47A7E611FA2D3CAB9B4EB59121F ft=1 fh=5bd497922ffc5928 vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\BExternal.dll.vir"
sh=1B2801DD02E9D9B7F27789ED161BC1761943E921 ft=1 fh=8073091e54552e56 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\IECookieLow.dll.vir"
sh=3A9D7D4639B5EB8BEC42DF972C44493690EAADFC ft=1 fh=b8a59cf28e1dc165 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-*****\AppData\Local\Babylon\Setup\Setup.exe.vir"
sh=609F2D4B1AE5C7177C44CCAF9309EFD16FC9E42D ft=1 fh=8551c46845849e5f vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe.vir"
sh=22B1B0EAFDBB1229336F9D8187F9905A5DDEDF89 ft=1 fh=406c1e66a46fc082 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe.vir"
sh=88CA2B9C5E587306B08CF6EA239CA72775495695 ft=1 fh=b15f3040528a74fd vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\*****-***** 2\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe.vir"
sh=A2F035C707F31E9CCBD09E17A9F645A25EBB636A ft=1 fh=c71c0011cd2e60c0 vn="Win32/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport.exe.vir"
sh=F7AF09F36F4983DB24F389676D2D6EFF067C672D ft=1 fh=8ed8b1cf87d17603 vn="Win32/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport_deskband_x32.dll.vir"
sh=47B40F8180A8413DFB3B51EB9BFF551D887BCA76 ft=1 fh=edd7ecef82c6227b vn="Win64/LiveSupport.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\LiveSupport\LiveSupport_deskband_x64.dll.vir"
sh=6408D61C9809E743126596AF762ABA61C67626F2 ft=1 fh=11b2d7f1750c67b8 vn="Win32/Adware.DsiLoad.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\*****-*****\AppData\Local\dsisetup38304172.exe.vir"

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by *****-***** 2 (administrator) on ***** on 28-03-2015 15:13:21
Running from c:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
() C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
() C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Users\*****-*****\AppData\Local\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Users\*****-*****\AppData\Local\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-01-18] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [139944 2010-01-18] ()
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905920 2012-06-05] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Akamai NetSession Interface] => C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Amazon Cloud Player] => C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON SX430 Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [212480 2012-05-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vosteran.com/?f=1&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyDyEyEtByEzyyCyByCyCyDzyyD0BtCzytN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFyBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EyCyE0DyE0EtGtAzy0AzztG0AtCzztCtGyCtAtC0AtGyCyEyDtDtC0AtB0C0Fzz0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0E0F0AyC0CzztGyDtAzzyCtGyEyD0D0CtGzyzzyCtAtGyDtD0Bzyzz0EzzyCzzyByEtD2Q&cr=1074813290&ir=
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.club-vaio.com
hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {399AFF92-3607-4429-B2E3-99BECE8D2374} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {53DBFD01-FF03-4A5F-8F4B-7BF8E909A975} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {C4802B53-BBDC-409E-B3EF-57C0B6708018} URL = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {E6BFE530-DE68-4D85-A111-513CA45EFAF0} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-16] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Google BAE\BAE.dll [2006-06-23] (Your Company Name)
BHO: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-01-25] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File []
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Users\*****-***** 2\AppData\Roaming\Mozilla\Firefox\Profiles\4qlxy2p6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-07-12] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-16] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-3850073437-3280287025-709413035-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-09] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-06-04] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml [2010-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-12-12]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{D250ED92-1791-42C4-B441-E90BF89B9BEF}] - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF}
FF Extension: XULRunner - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF} [2011-04-02]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-31]
CHR Extension: (Google Docs) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-31]
CHR Extension: (Google Drive) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-31]
CHR Extension: (YouTube) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-31]
CHR Extension: (Google Search) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-31]
CHR Extension: (Google Sheets) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-31]
CHR Extension: (Avira Browser Safety) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-31]
CHR Extension: (Gmail) - C:\Users\*****-***** 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com) [File not signed]
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe [443752 2008-08-18] (DisplayLink Corp.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake) [File not signed]
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-26] (Google)
S2 gupdate1ca0ac0f00c0a80; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [598696 2010-01-07] ( )
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S4 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-13] (SigmaTel, Inc.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-12] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292152 2007-07-05] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [287856 2008-08-18] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13424 2008-08-18] (DisplayLink Corp.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-14] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S3 s3017mgmt; C:\Windows\System32\DRIVERS\s3017mgmt.sys [104616 2007-12-10] (MCCI Corporation)
S3 s3017nd5; C:\Windows\System32\DRIVERS\s3017nd5.sys [25512 2007-12-10] (MCCI Corporation)
S3 s3017obex; C:\Windows\System32\DRIVERS\s3017obex.sys [100648 2007-12-10] (MCCI Corporation)
S3 s3017unic; C:\Windows\System32\DRIVERS\s3017unic.sys [110120 2007-12-10] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-13] (SigmaTel, Inc.)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [468096 2007-11-15] (Syntek)
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\*****-~2\AppData\Local\Temp\catchme.sys [X]
S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 15:06 - 2015-03-28 15:06 - 00007869 _____ () C:\Users\*****-***** 2\Documents\ESET.txt
2015-03-28 11:23 - 2015-03-28 11:23 - 00852604 _____ () C:\Users\*****-*****\Downloads\SecurityCheck.exe
2015-03-28 11:16 - 2015-03-28 11:16 - 02347384 _____ (ESET) C:\Users\*****-*****\Downloads\esetsmartinstaller_deu(1).exe
2015-03-28 11:15 - 2015-03-28 11:15 - 02347384 _____ (ESET) C:\Users\*****-*****\Downloads\esetsmartinstaller_deu.exe
2015-03-27 18:15 - 2015-03-27 18:17 - 60302800 _____ (Sony Corporation ) C:\Users\*****-*****\Downloads\EP0000185336.exe
2015-03-25 17:06 - 2009-05-26 11:35 - 01079840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpluir.dll
2015-03-25 17:06 - 2009-05-26 11:35 - 00760352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcplui.exe
2015-03-25 17:06 - 2009-05-26 11:35 - 00420384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.cpl
2015-03-25 17:06 - 2009-05-26 11:35 - 00313888 _____ (NVIDIA Corporation) C:\Windows\system32\nvexpbar.dll
2015-03-24 20:50 - 2015-03-24 21:05 - 182414224 _____ (NVIDIA Corporation) C:\Users\*****-*****\Downloads\307.83-notebook-winvista-32bit-international-whql.exe
2015-03-24 20:44 - 2015-03-24 20:44 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Local\Secunia PSI
2015-03-24 20:42 - 2015-03-24 20:42 - 00000000 ____D () C:\Program Files\Nero
2015-03-24 20:29 - 2015-03-24 20:29 - 00000953 _____ () C:\Users\*****-*****\Desktop\firefox - Verknüpfung.lnk
2015-03-24 19:48 - 2015-03-24 20:28 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Mozilla Firefox
2015-03-24 19:46 - 2015-03-24 19:48 - 40909304 _____ () C:\Users\*****-*****\Downloads\Firefox Setup 36.0.4.exe
2015-03-24 19:37 - 2015-03-24 19:37 - 00453424 _____ (Microsoft Corporation) C:\Users\*****-*****\Downloads\IE9-WindowsVista-x86-enu.exe
2015-03-24 18:21 - 2015-03-24 18:22 - 00000000 ____D () C:\61ecd8660e75c4c583c1
2015-03-23 19:57 - 2015-03-23 19:57 - 00207856 _____ () C:\Windows\Minidump\Mini032315-01.dmp
2015-03-22 19:54 - 2015-03-22 19:55 - 01388672 _____ (Thisisu) C:\Users\*****-*****\Downloads\JRT.exe
2015-03-22 19:24 - 2015-03-22 19:24 - 02171392 _____ () C:\Users\*****-*****\Downloads\AdwCleaner_4.112.exe
2015-03-22 19:21 - 2015-03-22 19:25 - 00001416 _____ () C:\Users\*****-*****\Desktop\mbam.txt
2015-03-22 18:52 - 2015-03-22 18:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\*****-*****\Downloads\revosetup95.exe
2015-03-22 11:40 - 2015-03-22 11:40 - 00000000 ____D () C:\Users\*****-*****\Documents\Ulead VideoStudio SE
2015-03-22 11:39 - 2015-03-22 11:39 - 00000000 ____D () C:\Users\*****-*****\Documents\Bluetooth-Exchange-Ordner
2015-03-21 21:03 - 2015-03-24 19:30 - 00065700 _____ () C:\Users\*****-*****\Downloads\Addition.txt
2015-03-21 20:55 - 2015-03-28 15:16 - 00034410 _____ () C:\Users\*****-*****\Downloads\FRST.txt
2015-03-21 20:54 - 2015-03-28 15:14 - 00000000 ____D () C:\FRST
2015-03-21 20:54 - 2015-03-21 20:54 - 01135104 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST.exe
2015-03-21 20:52 - 2015-03-21 20:52 - 02095616 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST64(1).exe
2015-03-21 20:51 - 2015-03-21 20:52 - 02095616 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST64.exe
2015-03-21 20:21 - 2015-03-21 20:21 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\ASCOMP Software
2015-03-21 20:19 - 2015-03-21 20:19 - 00001942 _____ () C:\Users\Public\Desktop\Secure Eraser.lnk
2015-03-21 20:19 - 2015-03-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
2015-03-21 20:19 - 2015-03-21 20:19 - 00000000 ____D () C:\Program Files\ASCOMP Software
2015-03-21 20:13 - 2015-03-21 20:13 - 04233064 _____ (ASCOMP Software GmbH ) C:\Users\*****-*****\Downloads\sEraser4201.exe
2015-03-21 20:13 - 2015-03-21 20:13 - 04233064 _____ (ASCOMP Software GmbH ) C:\Users\*****-*****\Downloads\sEraser4201(1).exe
2015-03-21 19:33 - 2015-03-21 19:33 - 00000552 _____ () C:\Users\*****-*****\AppData\Local\d3d8caps.dat
2015-03-16 19:42 - 2015-03-16 19:42 - 00002972 _____ () C:\Users\*****-*****\Desktop\Fixlist.txt
2015-03-15 21:50 - 2015-03-15 21:50 - 00138584 _____ () C:\Windows\Minidump\Mini031515-01.dmp
2015-03-14 15:25 - 2015-03-22 19:36 - 00000000 ____D () C:\AdwCleaner
2015-03-14 13:02 - 2015-03-14 13:03 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 13:00 - 2015-03-14 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-14 13:00 - 2015-03-14 13:00 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-03-14 13:00 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-14 13:00 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 23:17 - 2015-03-13 23:17 - 00002080 _____ () C:\Users\*****-*****\Desktop\ComboFix - Verknüpfung.lnk
2015-03-13 22:47 - 2015-03-13 22:49 - 00207325 _____ () C:\Users\*****-***** 2\Desktop\combofix.txt
2015-03-13 22:44 - 2015-03-13 22:44 - 00207509 _____ () C:\ComboFix.txt
2015-03-13 22:06 - 2015-03-13 22:44 - 00000000 ____D () C:\ComboFix
2015-03-13 22:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 22:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 22:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 22:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 22:01 - 2015-03-13 22:44 - 00000000 ____D () C:\Qoobox
2015-03-13 21:24 - 2015-03-13 21:24 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\Swiss Academic Software
2015-03-13 21:09 - 2015-03-22 18:52 - 00001057 _____ () C:\Users\*****-***** 2\Desktop\Revo Uninstaller.lnk
2015-03-13 21:09 - 2015-03-22 18:52 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-13 19:55 - 2015-03-13 19:55 - 00138584 _____ () C:\Windows\Minidump\Mini031315-02.dmp
2015-03-13 19:18 - 2015-03-13 19:18 - 00142704 _____ () C:\Windows\Minidump\Mini031315-01.dmp
2015-03-12 21:34 - 2015-03-12 21:34 - 00007809 _____ () C:\Users\*****-***** 2\Desktop\gmer.txt
2015-03-12 19:48 - 2015-03-12 19:49 - 00000492 _____ () C:\Windows\system32\defogger_disable.log
2015-03-12 19:48 - 2015-03-12 19:48 - 00000000 _____ () C:\Users\*****-***** 2\defogger_reenable
2015-03-11 21:06 - 2015-03-11 21:06 - 00142704 _____ () C:\Windows\Minidump\Mini031115-01.dmp
2015-03-11 19:55 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 19:51 - 2015-01-29 02:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 19:44 - 2015-02-26 01:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 17:14 - 2015-02-20 03:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 17:14 - 2015-02-20 01:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 17:10 - 2015-02-26 03:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 17:10 - 2015-02-26 03:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 17:10 - 2015-01-09 03:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 17:10 - 2015-01-09 01:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 17:08 - 2015-01-21 03:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 17:05 - 2015-03-06 05:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 17:03 - 2014-10-13 02:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 17:02 - 2015-02-18 03:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:52 - 2015-03-13 22:29 - 00000000 ____D () C:\Program Files\861437cb-3ee3-405d-bcea-149a4dc68fde
2015-03-10 23:51 - 2015-03-11 19:50 - 00000000 ____D () C:\ProgramData\{c5d7b5bd-e56a-bd77-c5d7-7b5bde56d6f7}
2015-03-10 21:26 - 2015-02-21 18:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 21:26 - 2015-02-21 18:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-10 21:26 - 2015-02-21 18:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 21:26 - 2015-02-21 18:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 21:26 - 2015-02-21 18:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 21:26 - 2015-02-21 18:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 21:26 - 2015-02-21 18:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 21:26 - 2015-02-21 18:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-10 21:26 - 2015-02-21 18:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 21:26 - 2015-02-21 18:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 21:26 - 2015-02-21 18:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 21:26 - 2015-02-21 18:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-10 21:26 - 2015-02-21 18:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-10 21:26 - 2015-02-21 18:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-10 21:26 - 2015-02-21 18:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00139088 _____ () C:\Windows\Minidump\Mini030915-01.dmp
2015-03-08 11:03 - 2015-03-08 11:03 - 00209608 _____ () C:\Windows\Minidump\Mini030815-01.dmp
2015-03-06 15:42 - 2015-03-06 15:42 - 00001879 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 15:14 - 2008-02-06 14:54 - 01761958 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 15:05 - 2013-02-05 20:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 14:18 - 2009-07-22 12:50 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-28 13:36 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 13:36 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 12:35 - 2011-08-30 05:40 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-03-28 11:56 - 2011-06-30 11:07 - 00001356 _____ () C:\Users\*****-*****\AppData\Local\d3d9caps.dat
2015-03-28 10:20 - 2008-02-16 14:49 - 00002631 _____ () C:\Users\*****-*****\Desktop\Microsoft Office Word 2007.lnk
2015-03-28 10:17 - 2011-01-02 17:31 - 00193670 _____ () C:\ProgramData\lxeascan.log
2015-03-28 10:16 - 2013-07-13 10:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job
2015-03-28 09:44 - 2006-11-02 11:33 - 01623482 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-28 09:36 - 2007-07-20 15:28 - 01563290 _____ () C:\Windows\PFRO.log
2015-03-28 09:36 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-24 21:19 - 2010-08-25 19:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-24 20:26 - 2008-09-01 21:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-24 19:42 - 2007-07-20 16:27 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-24 19:41 - 2008-02-06 16:25 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Adobe
2015-03-24 19:41 - 2007-07-20 16:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-24 19:37 - 2011-06-08 19:12 - 00006435 _____ () C:\Windows\IE9_main.log
2015-03-23 19:57 - 2008-05-16 21:19 - 00000000 ____D () C:\Windows\Minidump
2015-03-23 19:56 - 2010-08-25 18:12 - 278907883 _____ () C:\Windows\MEMORY.DMP
2015-03-23 19:23 - 2008-02-06 16:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.001
2015-03-22 21:43 - 2007-07-20 14:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-03-22 21:43 - 2006-11-02 14:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-21 20:31 - 2008-02-06 16:25 - 00000000 ____D () C:\Users\*****-*****
2015-03-21 20:23 - 2012-06-01 17:32 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Roaming\Adobe
2015-03-21 20:23 - 2012-05-23 06:59 - 00000000 ____D () C:\Users\*****-***** 2\AppData\Local\Adobe
2015-03-21 19:59 - 2011-07-16 17:42 - 00125952 _____ () C:\Users\*****-*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-21 19:49 - 2009-06-09 20:21 - 00000000 ____D () C:\Users\*****-*****\dwhelper
2015-03-21 19:05 - 2012-06-01 20:49 - 00000017 ____H () C:\Windows\system32\servdat.slm
2015-03-21 13:36 - 2006-11-02 11:22 - 66846720 _____ () C:\Windows\system32\config\software_previous
2015-03-21 13:36 - 2006-11-02 11:22 - 52166656 _____ () C:\Windows\system32\config\system_previous
2015-03-21 13:35 - 2013-07-25 22:43 - 00000000 ____D () C:\ProgramData\Netzmanager
2015-03-21 13:35 - 2013-06-21 13:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-21 13:35 - 2012-06-24 10:07 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Akamai
2015-03-21 13:35 - 2012-05-23 06:59 - 00000000 ____D () C:\Users\*****-***** 2
2015-03-21 13:35 - 2011-05-25 12:59 - 00000000 ____D () C:\ProgramData\Ulead Systems
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-03-21 13:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-03-21 13:29 - 2006-11-02 11:22 - 49283072 _____ () C:\Windows\system32\config\components_previous
2015-03-21 13:29 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-03-21 13:27 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-03-21 10:32 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2015-03-20 19:15 - 2006-11-02 13:52 - 00113370 _____ () C:\Windows\setupact.log
2015-03-14 16:43 - 2015-01-31 17:40 - 00001963 _____ () C:\Users\*****-***** 2\Desktop\Google Chrome.lnk
2015-03-14 16:43 - 2012-05-23 06:59 - 00000944 _____ () C:\Users\*****-***** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-14 15:29 - 2009-07-22 12:09 - 00000000 ____D () C:\ProgramData\ICQ
2015-03-14 13:00 - 2012-05-07 19:58 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-14 13:00 - 2012-05-07 19:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-13 22:39 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 22:29 - 2012-09-29 13:22 - 00000000 ____D () C:\Program Files\7-Zip2
2015-03-13 22:24 - 2010-03-04 19:47 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-11 20:31 - 2006-11-02 13:47 - 00397352 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 19:54 - 2007-07-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 19:43 - 2013-07-26 08:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 19:01 - 2008-02-06 16:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.dat
2015-03-11 17:16 - 2006-11-02 11:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-10 23:53 - 2012-05-23 06:59 - 00043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001
2015-03-10 20:05 - 2015-02-21 12:36 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-10 20:05 - 2015-02-21 12:36 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-07 21:58 - 2008-02-10 11:56 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Skype
2015-03-07 17:01 - 2011-03-01 16:18 - 00045024 _____ () C:\ProgramData\lxea.log
2015-03-06 15:48 - 2007-07-20 14:51 - 00794682 _____ () C:\Windows\DPINST.LOG
2015-03-06 15:42 - 2007-07-20 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-03-06 15:41 - 2007-07-20 15:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-01 19:08 - 2010-01-02 10:33 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs

==================== Files in the root of some directories =======

2012-05-23 06:59 - 2015-03-10 23:53 - 0043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001
2012-05-23 06:59 - 2007-08-06 14:21 - 0042479 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.dat
2012-06-30 10:35 - 2012-06-30 10:35 - 0000022 ___SH () C:\Users\*****-***** 2\AppData\Roaming\Windows1569_SettingsRepository.bin
2012-05-23 06:59 - 2015-02-20 20:48 - 0002032 _____ () C:\Users\*****-***** 2\AppData\Local\d3d9caps.dat
2012-05-23 06:59 - 2007-08-06 14:06 - 0018944 _____ () C:\Users\*****-***** 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-30 10:35 - 2012-06-30 10:35 - 0000000 _____ () C:\Users\*****-***** 2\AppData\Local\jv16PT_temp.tmp
2008-02-21 11:45 - 2008-02-21 11:45 - 0000305 _____ () C:\ProgramData\addr_file.html
2009-02-05 21:42 - 2009-02-05 21:42 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
2011-01-02 17:39 - 2011-01-02 17:39 - 0000252 _____ () C:\ProgramData\FastPics.log
2011-03-01 16:18 - 2015-03-07 17:01 - 0045024 _____ () C:\ProgramData\lxea.log
2011-01-02 17:40 - 2011-01-02 17:42 - 0000438 _____ () C:\ProgramData\lxeaDiagnostics.log
2011-01-02 17:44 - 2011-06-02 09:10 - 0004439 _____ () C:\ProgramData\lxeaJSW.log
2011-01-02 17:31 - 2015-03-28 10:17 - 0193670 _____ () C:\ProgramData\lxeascan.log
2011-01-02 17:27 - 2011-01-02 17:27 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\*****-*****\AppData\Local\temp\avgnt.exe
C:\Users\*****-***** 2\AppData\Local\temp\Quarantine.exe
C:\Users\*****-***** 2\AppData\Local\temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-28 09:51

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 28.03.2015, 22:03

Alles von Java deinstalliren, dann die aktuelle Java Version installieren.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\*****-*****\AppData\Roaming\PWKN

C:\Users\*****-*****\AppData\Roaming\VM

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe

C:\Users\*****-*****\Downloads\dvdburnersetup.exe

C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe

C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe

C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe

C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe

C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe

C:\Windows\Installer\183409c.msi

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe

C:\$RECYCLE.BIN
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Jami87 · 29.03.2015, 13:00

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by *****-***** 2 at 2015-03-29 13:08:58 Run:1
Running from C:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\*****-*****\AppData\Roaming\PWKN

C:\Users\*****-*****\AppData\Roaming\VM

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe

C:\Users\*****-*****\Downloads\dvdburnersetup.exe

C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe

C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe

C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe

C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe

C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe

C:\Windows\Installer\183409c.msi

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe

C:\$RECYCLE.BIN
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         
*****************

"C:\Users\*****-*****\AppData\Roaming\PWKN" => File/Directory not found.
"C:\Users\*****-*****\AppData\Roaming\VM" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\dvdburnersetup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe" => File/Directory not found.
"C:\Windows\Installer\183409c.msi" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe" => File/Directory not found.
C:\$RECYCLE.BIN => Moved successfully.
"C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" => Value Data removed successfully.
"HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 85.7 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:11:25 ====



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by *****-***** 2 at 2015-03-29 13:08:58 Run:1
Running from C:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\*****-*****\AppData\Roaming\PWKN

C:\Users\*****-*****\AppData\Roaming\VM

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe

C:\Users\*****-*****\Downloads\dvdburnersetup.exe

C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe

C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe

C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe

C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe

C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe

C:\Windows\Installer\183409c.msi

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe

C:\$RECYCLE.BIN
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         
*****************

"C:\Users\*****-*****\AppData\Roaming\PWKN" => File/Directory not found.
"C:\Users\*****-*****\AppData\Roaming\VM" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\dvdburnersetup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe" => File/Directory not found.
"C:\Windows\Installer\183409c.msi" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe" => File/Directory not found.
C:\$RECYCLE.BIN => Moved successfully.
"C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" => Value Data removed successfully.
"HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 85.7 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:11:25 ====

Oh, ich hätte die Sternchen erst ersetzen müssn, oder?

Habs jetzt nochmal mit dem Ersetzen gemacht:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by *****-***** 2 at 2015-03-29 13:37:59 Run:2
Running from c:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\*****-*****\AppData\Roaming\PWKN

C:\Users\*****-*****\AppData\Roaming\VM

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe

C:\Users\*****-*****\Downloads\dvdburnersetup.exe

C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe

C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe

C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe

C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe

C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe

C:\Windows\Installer\183409c.msi

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe

C:\$RECYCLE.BIN
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         
*****************

"C:\Users\*****-*****\AppData\Roaming\PWKN" => File/Directory not found.
"C:\Users\*****-*****\AppData\Roaming\VM" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\dvdburnersetup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe" => File/Directory not found.
"C:\Windows\Installer\183409c.msi" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe" => File/Directory not found.
C:\$RECYCLE.BIN => Moved successfully.
"C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" => Value Data not found.
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
EmptyTemp: => Removed 892 KB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:38:47 ====

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by *****-***** 2 at 2015-03-29 13:37:59 Run:2
Running from c:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\*****-*****\AppData\Roaming\PWKN

C:\Users\*****-*****\AppData\Roaming\VM

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe

C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe

C:\Users\*****-*****\Downloads\dvdburnersetup.exe

C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe

C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe

C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe

C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe

C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe

C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe

C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe

C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe

C:\Windows\Installer\183409c.msi

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe

C:\$RECYCLE.BIN
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-26] (Google)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         
*****************

"C:\Users\*****-*****\AppData\Roaming\PWKN" => File/Directory not found.
"C:\Users\*****-*****\AppData\Roaming\VM" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Downloader_fuer_IBM_SPSS_Statistics_18_.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\dvdburnersetup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FinalMediaPlayer2014U1Setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\FreeYouTubeDownload.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\PDFCreator-1_6_2_2_setup.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup19_FreeConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup72_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(1).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(10).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(11).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(2).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(3).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(4).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(5).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(6).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(7).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(8).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter(9).exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\Setup_FreeFlvConverter.exe" => File/Directory not found.
"C:\Users\*****-*****\Downloads\vlc-1.1.6-win32.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_.exe" => File/Directory not found.
"C:\Users\*****-***** 2\Desktop\IminentSetup_2-KFRPtAWP-1_[1].exe" => File/Directory not found.
"C:\Windows\Installer\183409c.msi" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe" => File/Directory not found.
C:\$RECYCLE.BIN => Moved successfully.
"C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" => Value Data not found.
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
EmptyTemp: => Removed 892 KB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:38:47 ====

23.03.2015, 13:45	#34
schrauber /// the machine /// TB-Ausbilder	Virus/Viren, z.B. SmartSaver eingefangen Mit dem Programm kannste das auch machen. Aber sag mir bitte Bescheid. Wenn Du das machen willst können wir uns die Arbeit hier ja sparen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

24.03.2015, 09:58	#36
schrauber /// the machine /// TB-Ausbilder	Virus/Viren, z.B. SmartSaver eingefangen Das entfernen wir von Hand. Poste bitte das frische FRST log. __________________ --> Virus/Viren, z.B. SmartSaver eingefangen

27.03.2015, 10:35	#40
schrauber /// the machine /// TB-Ausbilder	Virus/Viren, z.B. SmartSaver eingefangen ok. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

28.03.2015, 03:28	#42
schrauber /// the machine /// TB-Ausbilder	Virus/Viren, z.B. SmartSaver eingefangen Nee, nur auf der Platte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Virus/Viren, z.B. SmartSaver eingefangen

Plagegeister aller Art und deren Bekämpfung: Virus/Viren, z.B. SmartSaver eingefangen