Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ich kenne mich null mit Viren etc. aus (https://www.trojaner-board.de/156094-kenne-mich-null-viren-etc.html)

Die Larissa 04.07.2014 17:23
Ich kenne mich null mit Viren etc. aus
 
Hallo,
ich habe mich hier nun neu angemeldet und hoffe schnell Hilfe zu bekommen. :)

Mein Laptop fängt sich oft Viren ein die auch von Avira teilweise angezeigt werden.
Ich ignoriere diese Infomationen meistens bis gar nichts mehr geht. :pfeiff:

Vor 2 Jahren oder so hatte ich auch diesen "Bundespolizei" Virus den ich dann selbt weg machen musste.
(Hat dann wohl irgendwie geklappt)

Zu meinem Problem:
Mein Internet ist jetzt sehr langsam und es tauchen die ganze Zeit Fenster mit Werbung auf!
Das nervt mich jetzt, icgh möchte den Kampf gegen die Viren angehen :aufsmaul:

Ich kenne mich null mit den ganzen Zeugs aus ...

Liebe Grüße und schon einmal ein Dankeschön

deeprybka 04.07.2014 17:23
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Die Larissa 04.07.2014 17:34
Hallo Jürgen,
danke für die Schnelle Hilfe!

Ich hoffe, dass ich alles Richtig gemacht habe:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 04-07-2014 18:29:44
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Handle) C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Users\Larissa\AppData\Local\t4pc_en_6\upt4pc_en_6.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Smartbar) C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe
() C:\Users\Larissa\AppData\Local\LPT\srptm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
() C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-08] ()
HKLM-x32\...\Run: [fst_de_56] => [X]
HKLM-x32\...\Run: [t4pc_en_6] => "C:\Program Files (x86)\t4pc_en_6\t4pc_en_6.exe"
HKLM-x32\...\Runonce: [DelTr602725] - cmd.exe /c rd /s /q  "C:\Users\Larissa\AppData\Roaming\Speedial" [X]
HKLM-x32\...\RunOnce: [upt4pc_en_6.exe] - C:\Users\Larissa\AppData\Local\t4pc_en_6\upt4pc_en_6.exe -runonce [3341280 2014-06-17] ()
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [Facebook Update] => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [DataMgr] => C:\Users\Larissa\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-06-26] (HTTO Group, Ltd.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [OMESupervisor] => C:\Users\Larissa\AppData\Local\omesuperv.exe [2239256 2013-12-24] ()
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Larissa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2014-04-23] (Smartbar)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\RunOnce: [DelTr602725] - cmd.exe /c rd /s /q  "C:\Users\Larissa\AppData\Roaming\Speedial"
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-24] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => c:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\Larissa\AppData\Local\Temp\is-1HN5Q.tmp\Packer.exe (No File)
Startup: C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGA0_Pts8HfsNiDew5eO-S-sBORDYYtETZ9RG5CAG5Hhj9rpfPMaScMlc_TNEdXKDCxmZHq3P1LPFYVIr8GiJu0nPR_sOo530RA,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387732848&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_cmi_14_25_ff&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CyD0CtD0A0AtB0E0F0AtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtDtDyE0DyEzy0FtGtDyDyByDtGtCtC0A0BtGzyzzyD0BtGtDyBtC0ByEyC0E0D0ByBtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AzyyD0FyEtDtGtB0C0EzztGyEtDtB0BtG0D0B0A0FtGtCtBtCyDzzzy0F0EyB0BtCyD2Q&cr=1510379252&ir=
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_cmi_14_25_ff&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CyD0CtD0A0AtB0E0F0AtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtDtDyE0DyEzy0FtGtDyDyByDtGtCtC0A0BtGzyzzyD0BtGtDyBtC0ByEyC0E0D0ByBtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AzyyD0FyEtDtGtB0C0EzztGyEtDtB0BtG0D0B0A0FtGtCtBtCyDzzzy0F0EyB0BtCyD2Q&cr=1510379252&ir=
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=13001&tm=385&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
BHO: video MediaPlayer - {11111111-1111-1111-1111-110511951199} - C:\Program Files (x86)\video MediaPlayer\video MediaPlayer-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {01F29AE5-D48D-417B-9D00-8A115C23A0EB} - C:\Users\Larissa\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ToggleMark - {24ac098d-eb44-41b3-abaa-f4bc67d4d64d} - C:\Program Files (x86)\ToggleMark\ToggleMarkbho.dll (ToggleMark)
BHO-x32: Re-markit - {2DE4FF19-E9D6-A7E8-FD7C-52EBFEEC9B12} - C:\Program Files (x86)\-Re-markit-soft\174.dll ()
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Re-markit - {4d5c5a63-c98f-4693-a3dc-5cf708212045} - C:\Program Files (x86)\Re-markit\150.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {963B125B-8B21-49A2-A3A8-E37092276531}} -  No File
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} -  No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=13001&tm=385&src=hmp
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll (Bebo Media Ltd)
FF user.js: detected! => C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF Extension: ToggleMark - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{af16abf4-eac1-49b4-93fc-58f6ca799135}.xpi [2014-07-02]
FF HKLM-x32\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
FF HKCU\...\Firefox\Extensions: [{2E8FD54B-FE37-E2EA-34F0-B1A424CDBC84}] - C:\Program Files (x86)\-Re-markit-soft\174.xpi
FF Extension: No Name - C:\Program Files (x86)\-Re-markit-soft\174.xpi [2014-06-22]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:
CHR Extension: (OfferMosquito) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-02-15]
CHR Extension: (Re-Markable) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci [2014-04-29]
CHR Extension: (Re-markit) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldikhgjlphbniijakolmnplbbdiogfn [2014-06-22]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Larissa\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2013-12-19]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Larissa\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-03]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Larissa\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [dcpfhaghaadpjpgocojgnlhjcieeooel] - C:\Program Files (x86)\Re-markit\150.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-09-20]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-22] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-22] (globalUpdate) [File not signed]
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 HandleService; C:\Users\Larissa\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] () [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [33048 2014-04-23] ()
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [63168 2014-02-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
U2 Re-markit; C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe [179712 2014-06-22] () [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Update ToggleMark; C:\Program Files (x86)\ToggleMark\updateToggleMark.exe [318752 2014-07-04] ()
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 Util ToggleMark; C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe [318752 2014-07-04] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] () [File not signed]
S4 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [510608 2014-03-05] () [File not signed]
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [X]

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [41872 2014-06-11] (Aztec Media Inc)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64; C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys [61120 2014-06-09] (StdLib)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S1 lsnfd; system32\drivers\lsnfd.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 18:29 - 2014-07-04 18:30 - 00032276 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 18:29 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:50 - 2014-06-24 13:50 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-06-24 12:49 - 2014-06-24 12:49 - 00002504 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:49 - 00002442 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-06-24 12:48 - 2014-06-24 12:49 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-06-24 12:48 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-06-23 00:27 - 2014-06-09 12:15 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-22 23:26 - 2014-07-04 16:30 - 00000000 ____D () C:\Users\Larissa\AppData\Local\t4pc_en_6
2014-06-22 23:26 - 2014-07-02 14:24 - 00000000 ____D () C:\Program Files (x86)\ToggleMark
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_6
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 08:56 - 2014-06-22 08:56 - 00000000 ____D () C:\ProgramData\374311380
2014-06-22 08:38 - 2014-06-22 08:41 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Activeris
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:32 - 2014-06-22 08:57 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-06-22 06:32 - 2014-06-22 08:53 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-22 06:32 - 2014-06-22 08:53 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-22 06:32 - 2014-06-22 08:37 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-06-22 06:32 - 2014-06-22 08:37 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-06-22 06:32 - 2014-06-22 08:37 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-06-22 06:32 - 2014-06-22 07:31 - 00000318 _____ () C:\Users\Larissa\AppData\Roaming\aps.uninstall.scan.results
2014-06-22 06:32 - 2014-06-22 06:32 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Speedial
2014-06-22 06:31 - 2014-06-22 06:31 - 00000000 ____D () C:\Users\Larissa\AppData\Local\PennyBee
2014-06-22 06:31 - 2014-06-18 11:44 - 00608179 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\AnyProtectScannerSetup.exe
2014-06-22 06:20 - 2014-07-04 18:25 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00003816 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00002236 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001552 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001484 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001402 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job
2014-06-22 06:20 - 2014-07-04 10:50 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-22 06:20 - 2014-06-22 06:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-22 06:20 - 2014-06-22 06:20 - 00006846 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11
2014-06-22 06:20 - 2014-06-22 06:20 - 00005476 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3
2014-06-22 06:20 - 2014-06-22 06:20 - 00005266 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4
2014-06-22 06:20 - 2014-06-22 06:20 - 00004582 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1
2014-06-22 06:20 - 2014-06-22 06:20 - 00004514 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5
2014-06-22 06:20 - 2014-06-22 06:20 - 00004432 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2
2014-06-22 06:20 - 2014-06-22 06:20 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-22 06:20 - 2014-06-22 06:20 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-22 06:20 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-22 06:19 - 2014-07-04 18:20 - 00002446 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job
2014-06-22 06:19 - 2014-07-02 13:35 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-06-22 06:19 - 2014-06-22 08:56 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-22 06:19 - 2014-06-22 06:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Local\globalUpdate
2014-06-22 06:18 - 2014-07-04 10:50 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-06-22 06:18 - 2014-06-22 06:18 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-06-22 06:18 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Users\Larissa\AppData\Local\SearchProtect
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-06-22 05:40 - 2014-06-22 05:41 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-21 13:21 - 2014-06-22 08:52 - 00000000 ____D () C:\ProgramData\systemk
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-21 13:20 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-04 18:30 - 2014-07-04 18:29 - 00032276 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 18:29 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 18:25 - 2014-06-22 06:20 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00003816 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00002236 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001552 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001484 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001402 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job
2014-07-04 18:20 - 2014-06-22 06:19 - 00002446 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job
2014-07-04 18:10 - 2013-12-22 19:20 - 00000388 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-07-04 17:58 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 17:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 17:54 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 17:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-04 16:30 - 2014-06-22 23:26 - 00000000 ____D () C:\Users\Larissa\AppData\Local\t4pc_en_6
2014-07-04 16:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-04 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-04 11:02 - 2012-02-01 19:19 - 01521241 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 10:52 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-04 10:50 - 2014-06-22 06:20 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 10:50 - 2014-06-22 06:18 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-07-04 10:50 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-04 10:50 - 2009-07-14 06:51 - 00083581 _____ () C:\Windows\setupact.log
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 19:57 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 16:41 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 16:41 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 16:41 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:24 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\ToggleMark
2014-07-02 13:35 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-07-01 22:18 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-06-24 14:21 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 13:50 - 2014-06-24 12:50 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-06-24 12:49 - 2014-06-24 12:49 - 00002504 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:49 - 00002442 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-06-24 12:48 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_6
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:57 - 2014-06-22 06:32 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-06-22 08:56 - 2014-06-22 08:56 - 00000000 ____D () C:\ProgramData\374311380
2014-06-22 08:56 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-22 08:55 - 2014-02-08 18:02 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\newnext.me
2014-06-22 08:55 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-06-22 08:54 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-22 08:53 - 2014-06-22 06:32 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-22 08:53 - 2014-06-22 06:32 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-22 08:53 - 2013-07-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-22 08:53 - 2010-11-21 05:47 - 00267932 _____ () C:\Windows\PFRO.log
2014-06-22 08:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 08:52 - 2014-06-21 13:21 - 00000000 ____D () C:\ProgramData\systemk
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2014-06-22 08:38 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Activeris
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 08:37 - 2014-06-22 06:32 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-06-22 08:37 - 2014-06-22 06:32 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-06-22 08:37 - 2014-06-22 06:32 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 07:31 - 2014-06-22 06:32 - 00000318 _____ () C:\Users\Larissa\AppData\Roaming\aps.uninstall.scan.results
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:32 - 2014-06-22 06:32 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Speedial
2014-06-22 06:31 - 2014-06-22 06:31 - 00000000 ____D () C:\Users\Larissa\AppData\Local\PennyBee
2014-06-22 06:21 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-22 06:20 - 2014-06-22 06:20 - 00006846 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11
2014-06-22 06:20 - 2014-06-22 06:20 - 00005476 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3
2014-06-22 06:20 - 2014-06-22 06:20 - 00005266 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4
2014-06-22 06:20 - 2014-06-22 06:20 - 00004582 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1
2014-06-22 06:20 - 2014-06-22 06:20 - 00004514 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5
2014-06-22 06:20 - 2014-06-22 06:20 - 00004432 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2
2014-06-22 06:20 - 2014-06-22 06:20 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-22 06:20 - 2014-06-22 06:20 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-22 06:20 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-22 06:20 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-22 06:20 - 2014-03-29 20:34 - 00000000 ____D () C:\ProgramData\IePluginService
2014-06-22 06:20 - 2014-03-29 20:34 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-22 06:20 - 2013-12-22 19:21 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-06-22 06:20 - 2012-03-12 13:32 - 00001366 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-22 06:20 - 2012-03-12 13:07 - 00001645 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Local\globalUpdate
2014-06-22 06:18 - 2014-06-22 06:18 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-06-22 06:18 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Users\Larissa\AppData\Local\SearchProtect
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-06-22 06:18 - 2012-10-03 14:29 - 00000000 _____ () C:\END
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:41 - 2014-06-22 05:40 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 11:44 - 2014-06-22 06:31 - 00608179 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\AnyProtectScannerSetup.exe
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-09 12:15 - 2014-06-23 00:27 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

Some content of TEMP:
====================
C:\Users\Freunde\AppData\Local\Temp\AskSLib.dll
C:\Users\Freunde\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\10010023.exe
C:\Users\Larissa\AppData\Local\Temp\APNSetup.exe
C:\Users\Larissa\AppData\Local\Temp\AskSLib.dll
C:\Users\Larissa\AppData\Local\Temp\AutoRun.exe
C:\Users\Larissa\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Larissa\AppData\Local\Temp\card_setup.exe
C:\Users\Larissa\AppData\Local\Temp\dgrn.exe
C:\Users\Larissa\AppData\Local\Temp\drm_dyndata_7330004.dll
C:\Users\Larissa\AppData\Local\Temp\EAD1534.exe
C:\Users\Larissa\AppData\Local\Temp\EAD189F.exe
C:\Users\Larissa\AppData\Local\Temp\EAD194A.exe
C:\Users\Larissa\AppData\Local\Temp\EAD22CB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2D37.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2E21.exe
C:\Users\Larissa\AppData\Local\Temp\EAD39D4.exe
C:\Users\Larissa\AppData\Local\Temp\EAD40E6.exe
C:\Users\Larissa\AppData\Local\Temp\EAD4614.exe
C:\Users\Larissa\AppData\Local\Temp\EAD482.exe
C:\Users\Larissa\AppData\Local\Temp\EAD52E0.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6778.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6BEB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7879.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7D3A.exe
C:\Users\Larissa\AppData\Local\Temp\EADA1D.exe
C:\Users\Larissa\AppData\Local\Temp\EADA449.exe
C:\Users\Larissa\AppData\Local\Temp\EADAACF.exe
C:\Users\Larissa\AppData\Local\Temp\EADAAD0.exe
C:\Users\Larissa\AppData\Local\Temp\EADACB2.exe
C:\Users\Larissa\AppData\Local\Temp\EADB54A.exe
C:\Users\Larissa\AppData\Local\Temp\EADB634.exe
C:\Users\Larissa\AppData\Local\Temp\EADB663.exe
C:\Users\Larissa\AppData\Local\Temp\EADB7BA.exe
C:\Users\Larissa\AppData\Local\Temp\EADB911.exe
C:\Users\Larissa\AppData\Local\Temp\EADB9BD.exe
C:\Users\Larissa\AppData\Local\Temp\EADBA1A.exe
C:\Users\Larissa\AppData\Local\Temp\EADBB81.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC0D.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7B.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC12C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC1C8.exe
C:\Users\Larissa\AppData\Local\Temp\EADC2C1.exe
C:\Users\Larissa\AppData\Local\Temp\EADC31F.exe
C:\Users\Larissa\AppData\Local\Temp\EADC551.exe
C:\Users\Larissa\AppData\Local\Temp\EADC5E.exe
C:\Users\Larissa\AppData\Local\Temp\EADC9E3.exe
C:\Users\Larissa\AppData\Local\Temp\EADCB2A.exe
C:\Users\Larissa\AppData\Local\Temp\EADCE36.exe
C:\Users\Larissa\AppData\Local\Temp\EADD24B.exe
C:\Users\Larissa\AppData\Local\Temp\EADD9F9.exe
C:\Users\Larissa\AppData\Local\Temp\EADDF65.exe
C:\Users\Larissa\AppData\Local\Temp\EADE168.exe
C:\Users\Larissa\AppData\Local\Temp\EADE2EE.exe
C:\Users\Larissa\AppData\Local\Temp\EADE771.exe
C:\Users\Larissa\AppData\Local\Temp\EADF324.exe
C:\Users\Larissa\AppData\Local\Temp\EADFCC.exe
C:\Users\Larissa\AppData\Local\Temp\EAInstall.dll
C:\Users\Larissa\AppData\Local\Temp\eauninstall.exe
C:\Users\Larissa\AppData\Local\Temp\FoxySecure_IE_FF_12-02-2014_Version_5_Setup.exe
C:\Users\Larissa\AppData\Local\Temp\IminentSetup.exe
C:\Users\Larissa\AppData\Local\Temp\linksicle-setup-1-8-2-0-NEW.exe
C:\Users\Larissa\AppData\Local\Temp\Mobogenie_Setup_2-1-37_610.exe
C:\Users\Larissa\AppData\Local\Temp\optprosetup.exe
C:\Users\Larissa\AppData\Local\Temp\pennybee.exe
C:\Users\Larissa\AppData\Local\Temp\PicasaUpdater_6a.exe
C:\Users\Larissa\AppData\Local\Temp\SeeSimilarSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Larissa\AppData\Local\Temp\tbDVDV.dll
C:\Users\Larissa\AppData\Local\Temp\The Sims Pet Stories_uninst.exe
C:\Users\Larissa\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Larissa\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Larissa\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\Larissa\AppData\Local\Temp\_isE3F6.exe
C:\Users\Larissa\AppData\Local\Temp\_ReMarkit_up.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================
--- --- ---

deeprybka 04.07.2014 17:42
Hi, fast perfekt...Fehlt noch die Addition.txt... ;)

Wenn Du sie nicht findest (liegt im Download-Verzeichnis), dann nochmal das hier:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Die Larissa 04.07.2014 17:50
Soo, hier kommt erst mal der 1. und den 2. schick ich gleich :)
Ist sonst zu lang...


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 04-07-2014 18:43:51
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Handle) C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Users\Larissa\AppData\Local\t4pc_en_6\upt4pc_en_6.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Smartbar) C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe
() C:\Users\Larissa\AppData\Local\LPT\srptm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
() C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-08] ()
HKLM-x32\...\Run: [fst_de_56] => [X]
HKLM-x32\...\Run: [t4pc_en_6] => "C:\Program Files (x86)\t4pc_en_6\t4pc_en_6.exe"
HKLM-x32\...\Runonce: [DelTr602725] - cmd.exe /c rd /s /q  "C:\Users\Larissa\AppData\Roaming\Speedial" [X]
HKLM-x32\...\RunOnce: [upt4pc_en_6.exe] - C:\Users\Larissa\AppData\Local\t4pc_en_6\upt4pc_en_6.exe -runonce [3341280 2014-06-17] ()
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [Facebook Update] => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [DataMgr] => C:\Users\Larissa\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-06-26] (HTTO Group, Ltd.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [OMESupervisor] => C:\Users\Larissa\AppData\Local\omesuperv.exe [2239256 2013-12-24] ()
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Larissa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2014-04-23] (Smartbar)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\RunOnce: [DelTr602725] - cmd.exe /c rd /s /q  "C:\Users\Larissa\AppData\Roaming\Speedial"
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-24] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => c:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\Larissa\AppData\Local\Temp\is-1HN5Q.tmp\Packer.exe (No File)
Startup: C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGA0_Pts8HfsNiDew5eO-S-sBORDYYtETZ9RG5CAG5Hhj9rpfPMaScMlc_TNEdXKDCxmZHq3P1LPFYVIr8GiJu0nPR_sOo530RA,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387732848&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_cmi_14_25_ff&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CyD0CtD0A0AtB0E0F0AtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtDtDyE0DyEzy0FtGtDyDyByDtGtCtC0A0BtGzyzzyD0BtGtDyBtC0ByEyC0E0D0ByBtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AzyyD0FyEtDtGtB0C0EzztGyEtDtB0BtG0D0B0A0FtGtCtBtCyDzzzy0F0EyB0BtCyD2Q&cr=1510379252&ir=
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403410791&from=tugs&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXR1CB1X1042X1042&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_cmi_14_25_ff&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CyD0CtD0A0AtB0E0F0AtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtDtDyE0DyEzy0FtGtDyDyByDtGtCtC0A0BtGzyzzyD0BtGtDyBtC0ByEyC0E0D0ByBtCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AzyyD0FyEtDtGtB0C0EzztGyEtDtB0BtG0D0B0A0FtGtCtBtCyDzzzy0F0EyB0BtCyD2Q&cr=1510379252&ir=
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=13001&tm=385&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK02_ksL2_MLy1sX1iWGcO6-WQXsYLBdd-o1fzy-8Ty120u_iC5ObSjKqTK1mFo_qkeykxTR3jmEg6kCvP-uZVZ_mB-AR5l1eygK-zYAIW9-GOw2nAGxQcQVcrB1brLxNugyZPyEB2xH3EOdK3Nk0UzSNo1YUQF-AzzFN9VJxGpDeDWLU15nh5SNB1z7e6BfH2DWrMkm2fgRgLxxhkdY,&q={searchTerms}
BHO: video MediaPlayer - {11111111-1111-1111-1111-110511951199} - C:\Program Files (x86)\video MediaPlayer\video MediaPlayer-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {01F29AE5-D48D-417B-9D00-8A115C23A0EB} - C:\Users\Larissa\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ToggleMark - {24ac098d-eb44-41b3-abaa-f4bc67d4d64d} - C:\Program Files (x86)\ToggleMark\ToggleMarkbho.dll (ToggleMark)
BHO-x32: Re-markit - {2DE4FF19-E9D6-A7E8-FD7C-52EBFEEC9B12} - C:\Program Files (x86)\-Re-markit-soft\174.dll ()
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Re-markit - {4d5c5a63-c98f-4693-a3dc-5cf708212045} - C:\Program Files (x86)\Re-markit\150.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {963B125B-8B21-49A2-A3A8-E37092276531}} -  No File
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} -  No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=13001&tm=385&src=hmp
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll (Bebo Media Ltd)
FF user.js: detected! => C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF Extension: ToggleMark - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{af16abf4-eac1-49b4-93fc-58f6ca799135}.xpi [2014-07-02]
FF HKLM-x32\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
FF HKCU\...\Firefox\Extensions: [{2E8FD54B-FE37-E2EA-34F0-B1A424CDBC84}] - C:\Program Files (x86)\-Re-markit-soft\174.xpi
FF Extension: No Name - C:\Program Files (x86)\-Re-markit-soft\174.xpi [2014-06-22]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:
CHR Extension: (OfferMosquito) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-02-15]
CHR Extension: (Re-Markable) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci [2014-04-29]
CHR Extension: (Re-markit) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldikhgjlphbniijakolmnplbbdiogfn [2014-06-22]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Larissa\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2013-12-19]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Larissa\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-03]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Larissa\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [dcpfhaghaadpjpgocojgnlhjcieeooel] - C:\Program Files (x86)\Re-markit\150.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-09-20]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-22] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-22] (globalUpdate) [File not signed]
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 HandleService; C:\Users\Larissa\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] () [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [33048 2014-04-23] ()
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [63168 2014-02-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
U2 Re-markit; C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe [179712 2014-06-22] () [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Update ToggleMark; C:\Program Files (x86)\ToggleMark\updateToggleMark.exe [318752 2014-07-04] ()
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 Util ToggleMark; C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe [318752 2014-07-04] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] () [File not signed]
S4 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [510608 2014-03-05] () [File not signed]
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [X]

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [41872 2014-06-11] (Aztec Media Inc)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64; C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys [61120 2014-06-09] (StdLib)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S1 lsnfd; system32\drivers\lsnfd.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 18:31 - 2014-07-04 18:33 - 00068522 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 18:29 - 2014-07-04 18:44 - 00032276 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 18:29 - 2014-07-04 18:43 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:50 - 2014-06-24 13:50 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-06-24 12:49 - 2014-06-24 12:49 - 00002504 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:49 - 00002442 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-06-24 12:48 - 2014-06-24 12:49 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-06-24 12:48 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-06-23 00:27 - 2014-06-09 12:15 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-22 23:26 - 2014-07-04 16:30 - 00000000 ____D () C:\Users\Larissa\AppData\Local\t4pc_en_6
2014-06-22 23:26 - 2014-07-02 14:24 - 00000000 ____D () C:\Program Files (x86)\ToggleMark
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_6
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 08:56 - 2014-06-22 08:56 - 00000000 ____D () C:\ProgramData\374311380
2014-06-22 08:38 - 2014-06-22 08:41 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Activeris
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:32 - 2014-06-22 08:57 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-06-22 06:32 - 2014-06-22 08:53 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-22 06:32 - 2014-06-22 08:53 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-22 06:32 - 2014-06-22 08:37 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-06-22 06:32 - 2014-06-22 08:37 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-06-22 06:32 - 2014-06-22 08:37 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-06-22 06:32 - 2014-06-22 07:31 - 00000318 _____ () C:\Users\Larissa\AppData\Roaming\aps.uninstall.scan.results
2014-06-22 06:32 - 2014-06-22 06:32 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Speedial
2014-06-22 06:31 - 2014-06-22 06:31 - 00000000 ____D () C:\Users\Larissa\AppData\Local\PennyBee
2014-06-22 06:31 - 2014-06-18 11:44 - 00608179 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\AnyProtectScannerSetup.exe
2014-06-22 06:20 - 2014-07-04 18:25 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00003816 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00002236 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001552 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001484 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job
2014-06-22 06:20 - 2014-07-04 18:20 - 00001402 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job
2014-06-22 06:20 - 2014-07-04 10:50 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-22 06:20 - 2014-06-22 06:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-22 06:20 - 2014-06-22 06:20 - 00006846 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11
2014-06-22 06:20 - 2014-06-22 06:20 - 00005476 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3
2014-06-22 06:20 - 2014-06-22 06:20 - 00005266 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4
2014-06-22 06:20 - 2014-06-22 06:20 - 00004582 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1
2014-06-22 06:20 - 2014-06-22 06:20 - 00004514 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5
2014-06-22 06:20 - 2014-06-22 06:20 - 00004432 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2
2014-06-22 06:20 - 2014-06-22 06:20 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-22 06:20 - 2014-06-22 06:20 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-22 06:20 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-22 06:19 - 2014-07-04 18:20 - 00002446 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job
2014-06-22 06:19 - 2014-07-02 13:35 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-06-22 06:19 - 2014-06-22 08:56 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-22 06:19 - 2014-06-22 06:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Local\globalUpdate
2014-06-22 06:18 - 2014-07-04 10:50 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-06-22 06:18 - 2014-06-22 06:18 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-06-22 06:18 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Users\Larissa\AppData\Local\SearchProtect
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-06-22 05:40 - 2014-06-22 05:41 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-21 13:21 - 2014-06-22 08:52 - 00000000 ____D () C:\ProgramData\systemk
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-21 13:20 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-04 18:44 - 2014-07-04 18:29 - 00032276 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 18:43 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-04 18:33 - 2014-07-04 18:31 - 00068522 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 18:25 - 2014-06-22 06:20 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00003816 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00002236 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001552 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001484 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job
2014-07-04 18:20 - 2014-06-22 06:20 - 00001402 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job
2014-07-04 18:20 - 2014-06-22 06:19 - 00002446 _____ () C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job
2014-07-04 18:10 - 2013-12-22 19:20 - 00000388 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-07-04 17:58 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 17:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 17:54 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 17:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-04 16:30 - 2014-06-22 23:26 - 00000000 ____D () C:\Users\Larissa\AppData\Local\t4pc_en_6
2014-07-04 16:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-04 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-04 11:02 - 2012-02-01 19:19 - 01521241 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 10:52 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-04 10:50 - 2014-06-22 06:20 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 10:50 - 2014-06-22 06:18 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-07-04 10:50 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-04 10:50 - 2009-07-14 06:51 - 00083581 _____ () C:\Windows\setupact.log
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 19:57 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 16:41 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 16:41 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 16:41 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:24 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\ToggleMark
2014-07-02 13:35 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-07-01 22:18 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-06-24 14:21 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 13:50 - 2014-06-24 12:50 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-06-24 12:49 - 2014-06-24 12:49 - 00002504 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:49 - 00002442 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-06-24 12:49 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-06-24 12:48 - 2014-06-24 12:48 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_6
2014-06-22 23:26 - 2014-06-22 23:26 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:57 - 2014-06-22 06:32 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-06-22 08:56 - 2014-06-22 08:56 - 00000000 ____D () C:\ProgramData\374311380
2014-06-22 08:56 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-22 08:55 - 2014-02-08 18:02 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\newnext.me
2014-06-22 08:55 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-06-22 08:54 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-22 08:53 - 2014-06-22 06:32 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-22 08:53 - 2014-06-22 06:32 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-22 08:53 - 2013-07-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-22 08:53 - 2010-11-21 05:47 - 00267932 _____ () C:\Windows\PFRO.log
2014-06-22 08:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 08:52 - 2014-06-21 13:21 - 00000000 ____D () C:\ProgramData\systemk
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2014-06-22 08:38 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Activeris
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 08:37 - 2014-06-22 06:32 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-06-22 08:37 - 2014-06-22 06:32 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-06-22 08:37 - 2014-06-22 06:32 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 07:31 - 2014-06-22 06:32 - 00000318 _____ () C:\Users\Larissa\AppData\Roaming\aps.uninstall.scan.results
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:32 - 2014-06-22 06:32 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Speedial
2014-06-22 06:31 - 2014-06-22 06:31 - 00000000 ____D () C:\Users\Larissa\AppData\Local\PennyBee
2014-06-22 06:21 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-22 06:20 - 2014-06-22 06:20 - 00006846 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11
2014-06-22 06:20 - 2014-06-22 06:20 - 00005476 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3
2014-06-22 06:20 - 2014-06-22 06:20 - 00005266 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4
2014-06-22 06:20 - 2014-06-22 06:20 - 00004582 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1
2014-06-22 06:20 - 2014-06-22 06:20 - 00004514 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5
2014-06-22 06:20 - 2014-06-22 06:20 - 00004432 _____ () C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2
2014-06-22 06:20 - 2014-06-22 06:20 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-22 06:20 - 2014-06-22 06:20 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-22 06:20 - 2014-06-22 06:20 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-22 06:20 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-22 06:20 - 2014-03-29 20:34 - 00000000 ____D () C:\ProgramData\IePluginService
2014-06-22 06:20 - 2014-03-29 20:34 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-22 06:20 - 2013-12-22 19:21 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-06-22 06:20 - 2012-03-12 13:32 - 00001366 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-22 06:20 - 2012-03-12 13:07 - 00001645 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 06:19 - 2014-06-22 06:19 - 00000000 ____D () C:\Users\Larissa\AppData\Local\globalUpdate
2014-06-22 06:18 - 2014-06-22 06:18 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-06-22 06:18 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Users\Larissa\AppData\Local\SearchProtect
2014-06-22 06:18 - 2014-06-22 06:18 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-06-22 06:18 - 2012-10-03 14:29 - 00000000 _____ () C:\END
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:41 - 2014-06-22 05:40 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-21 13:21 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 11:44 - 2014-06-22 06:31 - 00608179 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\AnyProtectScannerSetup.exe
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-09 12:15 - 2014-06-23 00:27 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

Some content of TEMP:
====================
C:\Users\Freunde\AppData\Local\Temp\AskSLib.dll
C:\Users\Freunde\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\10010023.exe
C:\Users\Larissa\AppData\Local\Temp\APNSetup.exe
C:\Users\Larissa\AppData\Local\Temp\AskSLib.dll
C:\Users\Larissa\AppData\Local\Temp\AutoRun.exe
C:\Users\Larissa\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Larissa\AppData\Local\Temp\card_setup.exe
C:\Users\Larissa\AppData\Local\Temp\dgrn.exe
C:\Users\Larissa\AppData\Local\Temp\drm_dyndata_7330004.dll
C:\Users\Larissa\AppData\Local\Temp\EAD1534.exe
C:\Users\Larissa\AppData\Local\Temp\EAD189F.exe
C:\Users\Larissa\AppData\Local\Temp\EAD194A.exe
C:\Users\Larissa\AppData\Local\Temp\EAD22CB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2D37.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2E21.exe
C:\Users\Larissa\AppData\Local\Temp\EAD39D4.exe
C:\Users\Larissa\AppData\Local\Temp\EAD40E6.exe
C:\Users\Larissa\AppData\Local\Temp\EAD4614.exe
C:\Users\Larissa\AppData\Local\Temp\EAD482.exe
C:\Users\Larissa\AppData\Local\Temp\EAD52E0.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6778.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6BEB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7879.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7D3A.exe
C:\Users\Larissa\AppData\Local\Temp\EADA1D.exe
C:\Users\Larissa\AppData\Local\Temp\EADA449.exe
C:\Users\Larissa\AppData\Local\Temp\EADAACF.exe
C:\Users\Larissa\AppData\Local\Temp\EADAAD0.exe
C:\Users\Larissa\AppData\Local\Temp\EADACB2.exe
C:\Users\Larissa\AppData\Local\Temp\EADB54A.exe
C:\Users\Larissa\AppData\Local\Temp\EADB634.exe
C:\Users\Larissa\AppData\Local\Temp\EADB663.exe
C:\Users\Larissa\AppData\Local\Temp\EADB7BA.exe
C:\Users\Larissa\AppData\Local\Temp\EADB911.exe
C:\Users\Larissa\AppData\Local\Temp\EADB9BD.exe
C:\Users\Larissa\AppData\Local\Temp\EADBA1A.exe
C:\Users\Larissa\AppData\Local\Temp\EADBB81.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC0D.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7B.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC12C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC1C8.exe
C:\Users\Larissa\AppData\Local\Temp\EADC2C1.exe
C:\Users\Larissa\AppData\Local\Temp\EADC31F.exe
C:\Users\Larissa\AppData\Local\Temp\EADC551.exe
C:\Users\Larissa\AppData\Local\Temp\EADC5E.exe
C:\Users\Larissa\AppData\Local\Temp\EADC9E3.exe
C:\Users\Larissa\AppData\Local\Temp\EADCB2A.exe
C:\Users\Larissa\AppData\Local\Temp\EADCE36.exe
C:\Users\Larissa\AppData\Local\Temp\EADD24B.exe
C:\Users\Larissa\AppData\Local\Temp\EADD9F9.exe
C:\Users\Larissa\AppData\Local\Temp\EADDF65.exe
C:\Users\Larissa\AppData\Local\Temp\EADE168.exe
C:\Users\Larissa\AppData\Local\Temp\EADE2EE.exe
C:\Users\Larissa\AppData\Local\Temp\EADE771.exe
C:\Users\Larissa\AppData\Local\Temp\EADF324.exe
C:\Users\Larissa\AppData\Local\Temp\EADFCC.exe
C:\Users\Larissa\AppData\Local\Temp\EAInstall.dll
C:\Users\Larissa\AppData\Local\Temp\eauninstall.exe
C:\Users\Larissa\AppData\Local\Temp\FoxySecure_IE_FF_12-02-2014_Version_5_Setup.exe
C:\Users\Larissa\AppData\Local\Temp\IminentSetup.exe
C:\Users\Larissa\AppData\Local\Temp\linksicle-setup-1-8-2-0-NEW.exe
C:\Users\Larissa\AppData\Local\Temp\Mobogenie_Setup_2-1-37_610.exe
C:\Users\Larissa\AppData\Local\Temp\optprosetup.exe
C:\Users\Larissa\AppData\Local\Temp\pennybee.exe
C:\Users\Larissa\AppData\Local\Temp\PicasaUpdater_6a.exe
C:\Users\Larissa\AppData\Local\Temp\SeeSimilarSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Larissa\AppData\Local\Temp\tbDVDV.dll
C:\Users\Larissa\AppData\Local\Temp\The Sims Pet Stories_uninst.exe
C:\Users\Larissa\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Larissa\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Larissa\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\Larissa\AppData\Local\Temp\_isE3F6.exe
C:\Users\Larissa\AppData\Local\Temp\_ReMarkit_up.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================
--- --- ---

Die Larissa 04.07.2014 17:51
Und hier der 2.
Jetzt müsste alles stimmen :D

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Larissa at 2014-07-04 18:44:33
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Abenteuer auf dem Reiterhof 6 (HKLM-x32\...\{EEE76149-DC7F-4D3E-B021-6152DF574FA6}) (Version: 1.00 - UBISOFT)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Option WWAN Driver 5.0.32.0 Installer  (HKLM\...\{727E94E5-584F-4463-B4F5-93D3779C610B}_x) (Version: 3.5.0.1158 - Option NV)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158 - Option NV) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Planet Horse 1.0 (HKLM-x32\...\{2A1BA1A0-9675-4564-8A24-BE17179E26C3}_is1) (Version:  - Focus Home Interactive)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\7CBBDE65-66D6-AD6B-55F9-2205FEE4E8C0) (Version:  - Re-markit-software) <==== ATTENTION
Re-markit (HKLM-x32\...\c974fc9c-b15a-417f-8a56-1c64d86b29b5) (Version:  - Re-markit Software) <==== ATTENTION
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.13001 - Aztec Media Inc) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
t4pc_en_6 (HKLM-x32\...\t4pc_en_6_is1) (Version:  - T4PC) <==== ATTENTION
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
ToggleMark (HKLM\...\ToggleMark) (Version: 2014.06.22.055645 - ToggleMark) <==== ATTENTION
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
video MediaPlayer (HKLM-x32\...\video MediaPlayer) (Version: 1.34.6.10 - enter) <==== ATTENTION
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{23c53f62-eabb-4b28-a7c0-cd25c57bc381}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-06-2014 06:43:03 Removed Apple Software Update
22-06-2014 06:46:43 Removed Bonjour
22-06-2014 06:50:53 Removed Mobile Broadband Generic Drivers.
22-06-2014 06:58:07 Removed Pinnacle VideoSpin.
22-06-2014 07:01:15 Entfernt Realtek PCIE Card Reader
22-06-2014 07:01:58 Removed Sierra Wireless Drivers.
23-06-2014 01:00:10 Windows Update
01-07-2014 20:54:52 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08620E43-A7B2-4E06-89FF-3D2EF8D927D2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {13D8CC9C-4C82-4256-9B32-7F860FD1E086} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1638CD03-5AE9-458F-8903-59713B5B9B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17C73F27-828B-4861-BC8F-85CE81AD0EC6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {1A605656-73A6-45D9-B6C8-90C0BBECB82B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1D14F18C-9942-472E-AE6C-4759719EC3EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {211CA690-B008-484D-9E4D-053BDED5DCF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {27496A9D-7AA8-47E0-9699-4C1029F05BCF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {29573B2B-B778-444B-B0CD-DAF877B74364} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4 => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-4.exe
Task: {299E454B-BC91-4409-9E41-762094DD6397} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3 => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-3.exe
Task: {2C1F951E-69D4-4842-9605-83A2CE81EA44} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {34CF72CB-B772-476E-8C69-8E62279759DB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3AA2A44A-3901-414D-A5CB-7E52F1803E30} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {3C6F51E8-3A2B-46FA-B3EB-89B654CFE28A} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4449081A-8B29-4CC7-A62B-3A41A17BCA0E} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {459793BA-827A-481A-BA7F-9E13047327A9} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-22] (globalUpdate) <==== ATTENTION
Task: {49C34184-804E-4869-B667-629ED30C6BED} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B85F4E9-258A-49B7-961F-B2ADCC0AFC68} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {53434622-ABA6-42AB-8B5B-B629BBC7AD9E} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5 => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-5.exe
Task: {7023B253-0F55-489E-B6CA-D009567E2D4E} - System32\Tasks\DigitalSite => C:\Users\Larissa\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {70ABDC66-A1E9-4671-A02F-83E4D2914A6E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {7B27FA51-1DF2-47BE-8A88-2018B39CBA36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {7DB1C974-7DB9-4458-9A7C-CFE5B4A8D361} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe [2014-06-22] () <==== ATTENTION
Task: {8BFDF90B-1733-43FC-8040-ECD1A51E4E18} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {8C0E34AB-A602-4CD5-8466-755EF4D8B95E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {944D3AC6-1F3C-45E6-9FEB-1E38FD85DCB9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {98F1B20B-5C0E-4743-86B2-68D251492900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {993F6B47-B7EF-4369-88F9-AD15876C1F31} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {9948E87E-B4B5-4F73-8B00-E8F7F0900545} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {9CA39CF9-495A-434F-B08A-1FC4CD2E474F} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: {A289324F-0527-4F6D-A353-1B51B3B4F7BE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {A7C74A75-C173-427E-9179-C1CED7F4B39A} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {A9758080-4F3F-4786-9BD8-E286FBDDA8E1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-22] (globalUpdate) <==== ATTENTION
Task: {ABC280DF-ED7D-4F99-A46E-B8DA14EFB712} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {AEE827AD-1BB5-4027-BF68-1EC36EF93803} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2 => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-2.exe
Task: {B6B85BA3-AB2D-4DEB-B848-33261B2AB06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {B925986B-CD50-421C-A0FE-463D6DE6BF89} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F02BFC6A-0D57-450E-B417-6AAFFAA0D60D} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7820B41-D9AF-4108-9788-681334230394} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1 => C:\Program Files (x86)\video MediaPlayer\video MediaPlayer-codedownloader.exe
Task: {FC4CF8A7-FBF0-4706-AA00-D2B9CE688EC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FF22D409-61A3-4635-BC72-6BDA2AED1634} - System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11 => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-11.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job => C:\Program Files (x86)\video MediaPlayer\video MediaPlayer-codedownloader.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-11.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-2.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-3.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-4.exe
Task: C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job => C:\Program Files (x86)\video MediaPlayer\76e29085-a0b8-44c4-9613-e639f3d9191a-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Larissa\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-06-21 13:21 - 2014-06-11 17:05 - 00662544 _____ () c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
2014-02-08 18:02 - 2014-02-08 18:04 - 00063168 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2014-06-22 06:18 - 2014-06-22 06:18 - 00179712 _____ () C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe
2014-02-08 18:02 - 2014-02-08 18:04 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-06-22 23:26 - 2014-06-17 10:13 - 03341280 _____ () C:\Users\Larissa\AppData\Local\t4pc_en_6\upt4pc_en_6.exe
2014-04-23 12:55 - 2014-04-23 12:55 - 00033048 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-06-22 06:18 - 2014-06-22 06:18 - 00101376 _____ () C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe
2014-04-23 12:55 - 2014-04-23 12:55 - 00012568 _____ () C:\Users\Larissa\AppData\Local\LPT\srptm.exe
2014-06-22 07:56 - 2014-07-04 14:55 - 00318752 _____ () C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
2014-06-23 00:26 - 2014-07-04 14:58 - 00318752 _____ () C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe
2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-21 13:21 - 2014-06-21 13:21 - 00374272 _____ () C:\Users\Larissa\AppData\Roaming\Win System\sub\default.dll
2014-06-21 13:21 - 2014-06-11 17:05 - 00488464 _____ () c:\program files (x86)\settings manager\systemk\sysapcrt.dll
2012-02-01 19:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-02-08 18:02 - 2014-02-08 18:04 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-15 16:07 - 2014-02-15 16:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2012-02-01 19:27 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00038680 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00062744 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srau.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00165656 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 02339096 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00057624 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\spbl.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00152344 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00012568 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\siem.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00059672 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\sppsm.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00704792 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00081688 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00013592 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00016664 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00051480 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srut.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00019736 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srsbs.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00058648 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00044312 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smti.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00022808 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srom.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00020760 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smtu.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00032024 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smta.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00036632 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srbu.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00013592 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\sgml.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00052504 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00014616 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srpdm.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00047384 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-04-23 12:53 - 2014-04-23 12:53 - 00025368 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00024856 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00246552 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srns.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00080664 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00021272 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00018200 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-06-22 06:18 - 2014-06-22 06:18 - 00172544 _____ () C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00080664 _____ () C:\Users\Larissa\AppData\Local\LPT\srpt.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00021272 _____ () C:\Users\Larissa\AppData\Local\LPT\srptc.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00018200 _____ () C:\Users\Larissa\AppData\Local\LPT\Smartbar.Common.dll
2014-06-21 13:21 - 2014-06-11 17:04 - 00019472 _____ () c:\program files (x86)\settings manager\systemk\syskldr.dll
2014-06-19 15:14 - 2014-06-19 15:14 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-02-18 12:18 - 2011-02-18 12:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-05-24 16:54 - 2014-05-24 16:54 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:18:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markitQ.exe, Version: 1.174.0.0, Zeitstempel: 0x53a17e76
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x27f0
Startzeit der fehlerhaften Anwendung: 0xRe-markitQ.exe0
Pfad der fehlerhaften Anwendung: Re-markitQ.exe1
Pfad des fehlerhaften Moduls: Re-markitQ.exe2
Berichtskennung: Re-markitQ.exe3

Error: (07/01/2014 10:18:01 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:17:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/24/2014 00:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1a70
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/23/2014 05:37:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm VAIO Gate.exe, Version 2.3.0.11090 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: aa0

Startzeit: 01cf8de6bebf1904

Endzeit: 4332

Anwendungspfad: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

Berichts-ID: 2fa2ddab-faec-11e3-a54d-9439e5c5c0aa


System errors:
=============
Error: (06/22/2014 08:56:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (06/22/2014 08:54:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
lsnfd

Error: (06/22/2014 08:54:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SProtection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/22/2014 08:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (06/22/2014 08:53:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (06/22/2014 08:52:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/22/2014 06:32:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/22/2014 06:32:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindowsProtectManger Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/22/2014 06:32:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wpm Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/22/2014 05:35:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612


Microsoft Office Sessions:
=========================
Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:18:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markitQ.exe1.174.0.053a17e76unknown0.0.0.000000000c00000050000000027f001cf956985f404f7C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exeunknownce3b9fe4-015c-11e4-a54d-9439e5c5c0aa

Error: (07/01/2014 10:18:01 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:17:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/24/2014 00:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1a7001cf8e60e06faa87C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll156c95d8-fb8d-11e3-a54d-9439e5c5c0aa

Error: (06/23/2014 05:37:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: VAIO Gate.exe2.3.0.11090aa001cf8de6bebf19044332C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe2fa2ddab-faec-11e3-a54d-9439e5c5c0aa


CodeIntegrity Errors:
===================================
  Date: 2014-06-22 08:54:01.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:54:01.853
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:32.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:31.993
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:08.834
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:08.756
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 05:33:22.717
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 05:33:22.627
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 05:33:19.922
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 05:33:19.822
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 77%
Total physical RAM: 4077.86 MB
Available physical RAM: 903.99 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 3256.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.98 GB) (Free:174.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CA51395E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ==========================

deeprybka 04.07.2014 18:01
Prima! :daumenhoc

Schritt 1
Lade Dir bitte Revo Uninstallerhttp://deeprybka.trojaner-board.de/b...ninstaller.pnghier herunter.
Entpacke die zip-Datei auf den Desktop.Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, die den ATTENTION-Zusatz haben, führe den nächsten Schritt aus:


Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Die Larissa 04.07.2014 18:05
Wie entpacke ich denn jetzt die zip - Datei denn?
Ich hab's jetzt runter geladen ...

deeprybka 04.07.2014 18:27
Nimmste besser die Version...;)

Revo Uninstaller - Download - Filepony

Einfach installieren. Rest funktioniert wie oben...:)

Die Larissa 04.07.2014 18:35
Danke aber ich habe es jetzt doch noch geschafft zu entpacken :D
Nur leider habe ich jetzt ein 2. Problem.
Tut mir echt leid, aber bin echt dumm was sowas angeht ^^
Wonach soll ich jetzt genau suchen?
Ich habe den Unistaller jetzt geöffnet und dort erscheinen nur die Programme ... da steht nichts von Attention oder sonstiges.
Wo genau finde ich die Angaben denn?

Sorry :D

deeprybka 04.07.2014 18:46
Na oben in der Addition.txt.

z.B.

Code:
Program-Name <==== ATTENTION

Die Larissa 04.07.2014 18:56
Super, dann werde ich mal suchen :)

deeprybka 04.07.2014 19:01
;)

Suche im Uninstallerfeld nach den Programmen, die unter:
http://deeprybka.trojaner-board.de/b.../revo/add1.png
diesen Zusatz haben:
http://deeprybka.trojaner-board.de/b...e/revo/att.PNG

Die Larissa 04.07.2014 19:37
Das hat ganz schön lange gebraucht ...

Code:
# AdwCleaner v3.214 - Bericht erstellt am 04/07/2014 um 20:24:37
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Larissa - LARISSA-VAIO
# Gestartet von : C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : BackupStack
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : IePluginServices
[#] Dienst Gelöscht : LPTSystemUpdater
[#] Dienst Gelöscht : MgAssistService
[#] Dienst Gelöscht : Re-markit
[#] Dienst Gelöscht : SProtection
[#] Dienst Gelöscht : Update ToggleMark
[#] Dienst Gelöscht : Util ToggleMark
[#] Dienst Gelöscht : WindowsProtectManger
[#] Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\374311380
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\Re-Markable
Ordner Gelöscht : C:\Program Files (x86)\Re-markit
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\ToggleMark
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Freunde\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\ext_offermosquito
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\PennyBee
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Temp\mt_ffx
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Larissa\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Larissa\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Larissa\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\337Games
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\SeeSimilar
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Settings Manager
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Speedial
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\webssearches
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Larissa\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Smartbar
Ordner Gelöscht : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\ValueApps
Ordner Gelöscht : C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Datei Gelöscht : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{af16abf4-eac1-49b4-93fc-58f6ca799135}.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Freunde\daemonprocess.txt
Datei Gelöscht : C:\Users\Larissa\daemonprocess.txt
Datei Gelöscht : C:\Users\Larissa\AppData\Local\AnyProtectScannerSetup.exe
Datei Gelöscht : C:\Users\Larissa\AppData\Local\omesuperv.exe
Datei Gelöscht : C:\Users\Larissa\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gelöscht : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\user.js
Datei Gelöscht : C:\Users\Freunde\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP1.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP1
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP2.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP2
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP3.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP3
Datei Gelöscht : C:\Windows\Tasks\DigitalSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DigitalSite
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\Tasks\Re-markit Update.job
Datei Gelöscht : C:\Windows\System32\Tasks\Re-markit Update
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-1
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-11
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-2
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-3
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-4
Datei Gelöscht : C:\Windows\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5.job
Datei Gelöscht : C:\Windows\System32\Tasks\76e29085-a0b8-44c4-9613-e639f3d9191a-5

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Larissa\Desktop\Search.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Larissa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Larissa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [OMESupervisor]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_bus-simulator-2012_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_bus-simulator-2012_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952299}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954499}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{553318DA-D010-469E-84B1-496563CAE1C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F225A2E3-8EE1-4204-B7A0-F4C551578A87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{553318DA-D010-469E-84B1-496563CAE1C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F225A2E3-8EE1-4204-B7A0-F4C551578A87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952299}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951199}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956699}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\httogroup
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\piccshare
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\ToggleMark
Schlüssel Gelöscht : HKCU\Software\Tuto4PC
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\Free_soft_today
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsProtectManger
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\SystemK
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\ToggleMark
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\webssearchesSoftware
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsProtectManger
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleMark
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suptab\search~1.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\prefs.js ]

Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
Zeile gelöscht : user_pref("CT2625848.1000082.muteState", "off");
Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "eyJ1cGRhdGVSZXFUaW1lIjoxMzQ5MjY3Mzc4NTEwLCJ1cGRhdGVSZXNwVGltZSI6MTM0OTI2NzM3OTIyOSwiZGF0YSI6eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3N0b3[...]
Zeile gelöscht : user_pref("CT2625848.CBOpenMAMSettings.enc", "MA==");
Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.FirstTime", "true");
Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2625848.LoginRevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2625848.RevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
Zeile gelöscht : user_pref("CT2625848.UserID", "UN59903747091225618");
Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Zeile gelöscht : user_pref("CT2625848.cb_experience_000.enc", "MTY=");
Zeile gelöscht : user_pref("CT2625848.cb_firstuse0100.enc", "MQ==");
Zeile gelöscht : user_pref("CT2625848.cbcountry_001.enc", "REU=");
Zeile gelöscht : user_pref("CT2625848.cbfirsttime.enc", "TW9uIE5vdiAxMiAyMDEyIDEyOjQxOjIxIEdNVCswMTAw");
Zeile gelöscht : user_pref("CT2625848.countryCode", "DE");
Zeile gelöscht : user_pref("CT2625848.defaultSearch", "true");
Zeile gelöscht : user_pref("CT2625848.enableAlerts", "false");
Zeile gelöscht : user_pref("CT2625848.enableFix404ByUser", "TRUE");
Zeile gelöscht : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorByUser", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.fixUrls", true);
Zeile gelöscht : user_pref("CT2625848.fullUserID", "UN59903747091225618.UP.20130702091405");
Zeile gelöscht : user_pref("CT2625848.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc2Nyb2xsYmFycz1ubyx0aXRsZW[...]
Zeile gelöscht : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT2625848.isNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.keyword", true);
Zeile gelöscht : user_pref("CT2625848.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2625848&octid=CT2625848&SearchSource=15&CUI=UN59903747091225618&SSPV=&Lay=1&UM=\"}");
Zeile gelöscht : user_pref("CT2625848.lastVersion", "10.23.0.822");
Zeile gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsupport.mozilla.org%2Fde%2Fkb%2Fsymbolleisten-deinstallieren\",\"EB_MAIN_FRAME_TITLE\":\"Symbolleisten%20deinstallie[...]
Zeile gelöscht : user_pref("CT2625848.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT2625848.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT2625848.originalHomepage", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=13");
Zeile gelöscht : user_pref("CT2625848.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CUI=UN59903747091225618&UM=&q=");
Zeile gelöscht : user_pref("CT2625848.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/12\\\\/2012 14\\\"}\"}");
Zeile gelöscht : user_pref("CT2625848.price-gong.isManagedApp", "true");
Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Zeile gelöscht : user_pref("CT2625848.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledByUser", "true");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.searchSuggestEnabledByUser", "true");
Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE \"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_Configuration_lastUpdate", "1388318601547");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1353312391655");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1353609417023");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_clientErrorLog_lastUpdate", "1350133965961");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352538506680");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_location_lastUpdate", "1372020829777");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.13.1.89_lastUpdate", "1352717766646");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358537824330");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359312238979");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360767300881");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364437308945");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366024463652");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368614209233");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372044792752");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374551638171");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.70.505_lastUpdate", "1382195601911");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382644357161");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.21.1.507_lastUpdate", "1387726608358");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.23.0.822_lastUpdate", "1388316807914");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1352718039801");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352538506750");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1388318600883");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1388318600583");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352538506574");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1388318600756");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1388318600661");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1353609417212");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_userApps_lastUpdate", "1353609417219");
Zeile gelöscht : user_pref("CT2625848.settingsINI", true);
Zeile gelöscht : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT2625848.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2625848.smartbar.homepage", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.isHidden", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "3-10-2012");
Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "28-12-2013");
Zeile gelöscht : user_pref("CT2625848.toolbarDisabled", "true");
Zeile gelöscht : user_pref("CT2625848.toolbarLoginClientTime", "Thu Mar 28 2013 12:03:17 GMT+0100");
Zeile gelöscht : user_pref("CT2625848.url_history0001.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vbWVzc2FnZXMvP2FjdGlvbj1yZWFkJnRpZD1tc2cuZGQxNzIyNGFiZjJjZDMwYWYzMzkxMWY1YzFiZmE5NGY1MyM6OjpjbGlja2hhbmRsZXI6OjoxMzUzNjg0MzQx[...]
Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1388318961956,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?CUI=UN59903747091225618&ctid=CT2625848&SearchSource=13");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://native-search.com/search.php?channel=de&q=");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=13001&tm=385&src=hmp");
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.dspOld", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Zeile gelöscht : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Zeile gelöscht : user_pref("extensions.Softonic.hpOld", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Zeile gelöscht : user_pref("extensions.Softonic.id", "ba5d2efa0000000000009439e5c5c0a9");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "15502");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MON00001");
Zeile gelöscht : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=");
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.5.24.3");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.5.24.3");
Zeile gelöscht : user_pref("extensions.Softonic_i.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic_i.newTab", false);
Zeile gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.320:44:15");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1431b53ee5a8edd8fd3aa0a5dd9230db");

-\\ Google Chrome v

[ Datei : C:\Users\Freunde\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ Datei : C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : gbmdkmlcnbapgegninelmjbfibaghdmk

*************************

AdwCleaner[R0].txt - [57557 octets] - [04/07/2014 20:23:51]
AdwCleaner[S0].txt - [51429 octets] - [04/07/2014 20:24:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [51490 octets] ##########
Und hier noch mal die beiden Logs vom FRST Scan :)

Code:
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 04-07-2014 20:33:18
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Handle) C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [fst_de_56] => [X]
HKLM-x32\...\Run: [t4pc_en_6] => [X]
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [Facebook Update] => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\Larissa\AppData\Local\Temp\is-1HN5Q.tmp\Packer.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {01F29AE5-D48D-417B-9D00-8A115C23A0EB} - C:\Users\Larissa\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ToggleMark - {24ac098d-eb44-41b3-abaa-f4bc67d4d64d} - C:\Program Files (x86)\ToggleMark\ToggleMarkbho.dll No File
BHO-x32: Re-markit - {4d5c5a63-c98f-4693-a3dc-5cf708212045} - C:\Program Files (x86)\Re-markit\150.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {963B125B-8B21-49A2-A3A8-E37092276531}} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\staged [2014-07-04]
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF Extension: ToggleMark - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.xpi [2014-07-04]
FF HKLM-x32\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:
CHR Extension: (No Name) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-02-15]
CHR Extension: (Re-Markable) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci [2014-04-29]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 HandleService; C:\Users\Larissa\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64; C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys [61120 2014-06-09] (StdLib)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S1 lsnfd; system32\drivers\lsnfd.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 20:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 20:22 - 2014-07-04 20:26 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 18:31 - 2014-07-04 19:50 - 00068522 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 18:29 - 2014-07-04 20:33 - 00018210 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 18:29 - 2014-07-04 20:33 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:49 - 2014-07-04 20:26 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-24 12:49 - 2014-07-04 20:26 - 00001049 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-06-23 00:27 - 2014-06-09 12:15 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:19 - 2014-07-02 13:35 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-06-22 06:18 - 2014-07-04 19:56 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-22 06:18 - 2014-07-04 19:56 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-06-22 05:40 - 2014-06-22 05:41 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:20 - 2014-07-04 20:08 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-04 20:33 - 2014-07-04 18:29 - 00018210 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 20:33 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-04 20:32 - 2012-02-01 19:19 - 01528497 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 20:30 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-04 20:29 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 20:29 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-04 20:29 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-07-04 20:28 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 20:28 - 2010-11-21 05:47 - 00272812 _____ () C:\Windows\PFRO.log
2014-07-04 20:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 20:28 - 2009-07-14 06:51 - 00083637 _____ () C:\Windows\setupact.log
2014-07-04 20:26 - 2014-07-04 20:22 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:26 - 2014-06-24 12:49 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-04 20:26 - 2014-06-24 12:49 - 00001049 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-07-04 20:26 - 2013-07-20 22:49 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Common
2014-07-04 20:26 - 2012-11-23 12:08 - 00000000 ____D () C:\Users\Freunde
2014-07-04 20:26 - 2012-03-12 13:32 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 20:26 - 2012-03-12 13:07 - 00000999 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 20:26 - 2012-03-12 13:05 - 00000000 ____D () C:\Users\Larissa
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 20:19 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-07-04 20:08 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-07-04 19:59 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 19:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 19:56 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-04 19:56 - 2014-06-22 06:18 - 00000000 ____D () C:\Program Files (x86)\-Re-markit-soft
2014-07-04 19:54 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 19:50 - 2014-07-04 18:31 - 00068522 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 19:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-04 19:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-04 10:50 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 16:41 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 16:41 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 16:41 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 13:35 - 2014-06-22 06:19 - 00000000 ____D () C:\Program Files (x86)\video MediaPlayer
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:07 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 07:31 - 2014-06-22 07:31 - 00623616 _____ (Click Me In Limited) C:\Users\Larissa\AppData\Local\nso71F8.tmp
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:41 - 2014-06-22 05:40 - 01392536 _____ () C:\Users\Larissa\Downloads\Setup.exe
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:17 - 2014-06-21 13:17 - 00357728 _____ (Softonic) C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe
2014-06-21 13:00 - 2014-06-21 13:00 - 00961360 _____ (Chip Digital GmbH) C:\Users\Larissa\Downloads\3D Fahrschule - CHIP-Installer.exe
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-09 12:15 - 2014-06-23 00:27 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

Some content of TEMP:
====================
C:\Users\Freunde\AppData\Local\Temp\AskSLib.dll
C:\Users\Freunde\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\10010023.exe
C:\Users\Larissa\AppData\Local\Temp\APNSetup.exe
C:\Users\Larissa\AppData\Local\Temp\AskSLib.dll
C:\Users\Larissa\AppData\Local\Temp\AutoRun.exe
C:\Users\Larissa\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Larissa\AppData\Local\Temp\card_setup.exe
C:\Users\Larissa\AppData\Local\Temp\dgrn.exe
C:\Users\Larissa\AppData\Local\Temp\drm_dyndata_7330004.dll
C:\Users\Larissa\AppData\Local\Temp\EAD1534.exe
C:\Users\Larissa\AppData\Local\Temp\EAD189F.exe
C:\Users\Larissa\AppData\Local\Temp\EAD194A.exe
C:\Users\Larissa\AppData\Local\Temp\EAD22CB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2D37.exe
C:\Users\Larissa\AppData\Local\Temp\EAD2E21.exe
C:\Users\Larissa\AppData\Local\Temp\EAD39D4.exe
C:\Users\Larissa\AppData\Local\Temp\EAD40E6.exe
C:\Users\Larissa\AppData\Local\Temp\EAD4614.exe
C:\Users\Larissa\AppData\Local\Temp\EAD482.exe
C:\Users\Larissa\AppData\Local\Temp\EAD52E0.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6778.exe
C:\Users\Larissa\AppData\Local\Temp\EAD6BEB.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7879.exe
C:\Users\Larissa\AppData\Local\Temp\EAD7D3A.exe
C:\Users\Larissa\AppData\Local\Temp\EADA1D.exe
C:\Users\Larissa\AppData\Local\Temp\EADA449.exe
C:\Users\Larissa\AppData\Local\Temp\EADAACF.exe
C:\Users\Larissa\AppData\Local\Temp\EADAAD0.exe
C:\Users\Larissa\AppData\Local\Temp\EADACB2.exe
C:\Users\Larissa\AppData\Local\Temp\EADB54A.exe
C:\Users\Larissa\AppData\Local\Temp\EADB634.exe
C:\Users\Larissa\AppData\Local\Temp\EADB663.exe
C:\Users\Larissa\AppData\Local\Temp\EADB7BA.exe
C:\Users\Larissa\AppData\Local\Temp\EADB911.exe
C:\Users\Larissa\AppData\Local\Temp\EADB9BD.exe
C:\Users\Larissa\AppData\Local\Temp\EADBA1A.exe
C:\Users\Larissa\AppData\Local\Temp\EADBB81.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC0D.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7B.exe
C:\Users\Larissa\AppData\Local\Temp\EADBC7C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC12C.exe
C:\Users\Larissa\AppData\Local\Temp\EADC1C8.exe
C:\Users\Larissa\AppData\Local\Temp\EADC2C1.exe
C:\Users\Larissa\AppData\Local\Temp\EADC31F.exe
C:\Users\Larissa\AppData\Local\Temp\EADC551.exe
C:\Users\Larissa\AppData\Local\Temp\EADC5E.exe
C:\Users\Larissa\AppData\Local\Temp\EADC9E3.exe
C:\Users\Larissa\AppData\Local\Temp\EADCB2A.exe
C:\Users\Larissa\AppData\Local\Temp\EADCE36.exe
C:\Users\Larissa\AppData\Local\Temp\EADD24B.exe
C:\Users\Larissa\AppData\Local\Temp\EADD9F9.exe
C:\Users\Larissa\AppData\Local\Temp\EADDF65.exe
C:\Users\Larissa\AppData\Local\Temp\EADE168.exe
C:\Users\Larissa\AppData\Local\Temp\EADE2EE.exe
C:\Users\Larissa\AppData\Local\Temp\EADE771.exe
C:\Users\Larissa\AppData\Local\Temp\EADF324.exe
C:\Users\Larissa\AppData\Local\Temp\EADFCC.exe
C:\Users\Larissa\AppData\Local\Temp\EAInstall.dll
C:\Users\Larissa\AppData\Local\Temp\eauninstall.exe
C:\Users\Larissa\AppData\Local\Temp\FoxySecure_IE_FF_12-02-2014_Version_5_Setup.exe
C:\Users\Larissa\AppData\Local\Temp\IminentSetup.exe
C:\Users\Larissa\AppData\Local\Temp\linksicle-setup-1-8-2-0-NEW.exe
C:\Users\Larissa\AppData\Local\Temp\Mobogenie_Setup_2-1-37_610.exe
C:\Users\Larissa\AppData\Local\Temp\optprosetup.exe
C:\Users\Larissa\AppData\Local\Temp\pennybee.exe
C:\Users\Larissa\AppData\Local\Temp\PicasaUpdater_6a.exe
C:\Users\Larissa\AppData\Local\Temp\Quarantine.exe
C:\Users\Larissa\AppData\Local\Temp\SeeSimilarSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Larissa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Larissa\AppData\Local\Temp\tbDVDV.dll
C:\Users\Larissa\AppData\Local\Temp\The Sims Pet Stories_uninst.exe
C:\Users\Larissa\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Larissa\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Larissa\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\Larissa\AppData\Local\Temp\_isE3F6.exe
C:\Users\Larissa\AppData\Local\Temp\_ReMarkit_up.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================

Die Larissa 04.07.2014 19:38
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Larissa at 2014-07-04 20:34:38
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Abenteuer auf dem Reiterhof 6 (HKLM-x32\...\{EEE76149-DC7F-4D3E-B021-6152DF574FA6}) (Version: 1.00 - UBISOFT)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Option WWAN Driver 5.0.32.0 Installer  (HKLM\...\{727E94E5-584F-4463-B4F5-93D3779C610B}_x) (Version: 3.5.0.1158 - Option NV)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158 - Option NV) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Planet Horse 1.0 (HKLM-x32\...\{2A1BA1A0-9675-4564-8A24-BE17179E26C3}_is1) (Version:  - Focus Home Interactive)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\7CBBDE65-66D6-AD6B-55F9-2205FEE4E8C0) (Version:  - Re-markit-software) <==== ATTENTION
Re-markit (HKLM-x32\...\c974fc9c-b15a-417f-8a56-1c64d86b29b5) (Version:  - Re-markit Software) <==== ATTENTION
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
video MediaPlayer (HKLM-x32\...\video MediaPlayer) (Version: 1.34.6.10 - enter) <==== ATTENTION
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-06-2014 06:43:03 Removed Apple Software Update
22-06-2014 06:46:43 Removed Bonjour
22-06-2014 06:50:53 Removed Mobile Broadband Generic Drivers.
22-06-2014 06:58:07 Removed Pinnacle VideoSpin.
22-06-2014 07:01:15 Entfernt Realtek PCIE Card Reader
22-06-2014 07:01:58 Removed Sierra Wireless Drivers.
23-06-2014 01:00:10 Windows Update
01-07-2014 20:54:52 Geplanter Prüfpunkt
04-07-2014 17:55:34 Revo Uninstaller's restore point - Re-markit
04-07-2014 18:06:08 Revo Uninstaller's restore point - Settings Manager
04-07-2014 18:09:06 Revo Uninstaller's restore point - SupTab
04-07-2014 18:10:30 Revo Uninstaller's restore point - t4pc_en_6
04-07-2014 18:12:25 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:13:49 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:14:55 Revo Uninstaller's restore point - webssearches uninstaller
04-07-2014 18:16:32 Revo Uninstaller's restore point - WindowsProtectManger20.0.0.401
04-07-2014 18:17:44 Revo Uninstaller's restore point - Yahoo Community Smartbar
04-07-2014 18:19:03 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08620E43-A7B2-4E06-89FF-3D2EF8D927D2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {13D8CC9C-4C82-4256-9B32-7F860FD1E086} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1638CD03-5AE9-458F-8903-59713B5B9B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17C73F27-828B-4861-BC8F-85CE81AD0EC6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {1A605656-73A6-45D9-B6C8-90C0BBECB82B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1D14F18C-9942-472E-AE6C-4759719EC3EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {211CA690-B008-484D-9E4D-053BDED5DCF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {27496A9D-7AA8-47E0-9699-4C1029F05BCF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {29573B2B-B778-444B-B0CD-DAF877B74364} - \76e29085-a0b8-44c4-9613-e639f3d9191a-4 No Task File <==== ATTENTION
Task: {299E454B-BC91-4409-9E41-762094DD6397} - \76e29085-a0b8-44c4-9613-e639f3d9191a-3 No Task File <==== ATTENTION
Task: {2C1F951E-69D4-4842-9605-83A2CE81EA44} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {34CF72CB-B772-476E-8C69-8E62279759DB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3AA2A44A-3901-414D-A5CB-7E52F1803E30} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {3C6F51E8-3A2B-46FA-B3EB-89B654CFE28A} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4449081A-8B29-4CC7-A62B-3A41A17BCA0E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {44A065E6-C5C1-4956-99B4-BEA58A4A57B6} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {459793BA-827A-481A-BA7F-9E13047327A9} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {49C34184-804E-4869-B667-629ED30C6BED} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B85F4E9-258A-49B7-961F-B2ADCC0AFC68} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {53434622-ABA6-42AB-8B5B-B629BBC7AD9E} - \76e29085-a0b8-44c4-9613-e639f3d9191a-5 No Task File <==== ATTENTION
Task: {7023B253-0F55-489E-B6CA-D009567E2D4E} - \DigitalSite No Task File <==== ATTENTION
Task: {70ABDC66-A1E9-4671-A02F-83E4D2914A6E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {7B27FA51-1DF2-47BE-8A88-2018B39CBA36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {8C0E34AB-A602-4CD5-8466-755EF4D8B95E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {944D3AC6-1F3C-45E6-9FEB-1E38FD85DCB9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {98F1B20B-5C0E-4743-86B2-68D251492900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {993F6B47-B7EF-4369-88F9-AD15876C1F31} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {9948E87E-B4B5-4F73-8B00-E8F7F0900545} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {9CA39CF9-495A-434F-B08A-1FC4CD2E474F} - \Re-markit Update No Task File <==== ATTENTION
Task: {A289324F-0527-4F6D-A353-1B51B3B4F7BE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {A7C74A75-C173-427E-9179-C1CED7F4B39A} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {A9758080-4F3F-4786-9BD8-E286FBDDA8E1} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {ABC280DF-ED7D-4F99-A46E-B8DA14EFB712} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {AEE827AD-1BB5-4027-BF68-1EC36EF93803} - \76e29085-a0b8-44c4-9613-e639f3d9191a-2 No Task File <==== ATTENTION
Task: {B6B85BA3-AB2D-4DEB-B848-33261B2AB06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {B925986B-CD50-421C-A0FE-463D6DE6BF89} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F02BFC6A-0D57-450E-B417-6AAFFAA0D60D} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7820B41-D9AF-4108-9788-681334230394} - \76e29085-a0b8-44c4-9613-e639f3d9191a-1 No Task File <==== ATTENTION
Task: {FC4CF8A7-FBF0-4706-AA00-D2B9CE688EC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FF22D409-61A3-4635-BC72-6BDA2AED1634} - \76e29085-a0b8-44c4-9613-e639f3d9191a-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-21 13:21 - 2014-06-21 13:21 - 00374272 _____ () C:\Users\Larissa\AppData\Roaming\Win System\sub\default.dll
2012-02-01 19:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-06-19 15:14 - 2014-06-19 15:14 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-02-18 12:18 - 2011-02-18 12:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-02-15 16:07 - 2014-02-15 16:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2012-02-01 19:27 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-24 16:54 - 2014-05-24 16:54 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x3a90
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x23c4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:18:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markitQ.exe, Version: 1.174.0.0, Zeitstempel: 0x53a17e76
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x27f0
Startzeit der fehlerhaften Anwendung: 0xRe-markitQ.exe0
Pfad der fehlerhaften Anwendung: Re-markitQ.exe1
Pfad des fehlerhaften Moduls: Re-markitQ.exe2
Berichtskennung: Re-markitQ.exe3

Error: (07/01/2014 10:18:01 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


System errors:
=============
Error: (07/04/2014 08:31:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (07/04/2014 08:29:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
lsnfd

Error: (07/04/2014 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 08:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 08:26:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/04/2014 08:26:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/04/2014 08:26:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/04/2014 08:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/04/2014 08:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/04/2014 08:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b3a9001cf97b18604851eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb8c96611-03a7-11e4-a54d-9439e5c5c0aa

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b23c401cf9619242c6b31C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla07d1c63-03a4-11e4-a54d-9439e5c5c0aa

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/01/2014 10:18:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markitQ.exe1.174.0.053a17e76unknown0.0.0.000000000c00000050000000027f001cf956985f404f7C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exeunknownce3b9fe4-015c-11e4-a54d-9439e5c5c0aa

Error: (07/01/2014 10:18:01 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


CodeIntegrity Errors:
===================================
  Date: 2014-07-04 20:28:44.545
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:44.465
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:35.962
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:35.872
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:20.284
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:20.206
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:54:01.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:54:01.853
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:32.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 08:53:31.993
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 4077.86 MB
Available physical RAM: 2020.78 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5915.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.98 GB) (Free:172.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CA51395E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ============================

deeprybka 04.07.2014 19:59
OK... ;)

Für den nächsten Schritt bitte Dein Antivirus ausmachen...Und die Datei auch auf den Desktop abspeichern!

http://s7.directupload.net/images/140625/4wez3des.png

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Die Larissa 04.07.2014 20:18
Oh man, wenn ich jetzt Avira öffnen möchte um Avira aus zu machen erscheint irgend so ne Fehlmeldung.
Ich habe ein Bild davon gemacht, aber ich kann es hier nicht posten oder ?!

(Ich habe Combofix schon runter geladen ... kann es damit zusammen hängen?) :)

Registrierungsschlüssel kommt in der Fehlmeldung vor

deeprybka 04.07.2014 20:24
Da wo der rote Pfeil hinzeigt auf Aus stellen. Egal ob Avira mault, da soll nur Echtzeitscanner "AUS" stehen... ;)

Die Larissa 04.07.2014 21:04
Erledigt :)

Code:
ComboFix 14-07-03.01 - Larissa 04.07.2014  21:32:43.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4078.2545 [GMT 2:00]
ausgeführt von:: c:\users\Larissa\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
c:\users\Larissa\AppData\Local\nso71F8.tmp
c:\users\Larissa\Desktop\Search.lnk
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-06-04 bis 2014-07-04  ))))))))))))))))))))))))))))))
.
.
2014-07-04 19:44 . 2014-07-04 19:44        --------        d-----w-        c:\users\Freunde\AppData\Local\temp
2014-07-04 19:44 . 2014-07-04 19:44        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-07-04 18:24 . 2010-08-30 06:34        536576        ----a-w-        c:\windows\SysWow64\sqlite3.dll
2014-07-04 18:22 . 2014-07-04 18:26        --------        d-----w-        C:\AdwCleaner
2014-07-04 16:29 . 2014-07-04 18:35        --------        d-----w-        C:\FRST
2014-06-22 22:27 . 2014-06-09 10:15        61120        ----a-w-        c:\windows\system32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-22 04:18 . 2014-07-04 17:56        --------        d-----w-        c:\program files (x86)\-Re-markit-soft
2014-06-21 11:21 . 2014-06-21 11:21        --------        d-----w-        c:\users\Larissa\AppData\Roaming\Win System
2014-06-21 11:21 . 2014-06-21 11:21        --------        d-sh--w-        c:\users\Larissa\AppData\Local\EmieUserList
2014-06-21 11:21 . 2014-06-21 11:21        --------        d-sh--w-        c:\users\Larissa\AppData\Local\EmieSiteList
2014-06-21 11:20 . 2014-07-04 18:08        --------        d-----w-        c:\users\Larissa\AppData\Roaming\Security Systems
2014-06-14 17:19 . 2014-06-08 09:13        506368        ----a-w-        c:\windows\system32\aepdu.dll
2014-06-14 17:19 . 2014-06-08 09:08        424448        ----a-w-        c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 09:59 . 2013-11-09 13:24        117712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-06-20 16:39 . 2014-04-30 01:00        95414520        ----a-w-        c:\windows\system32\MRT.exe
2014-06-14 19:46 . 2013-11-09 13:24        130584        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-05-24 14:54 . 2012-03-29 15:02        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-24 14:54 . 2012-03-29 15:02        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-24 14:54 . 2014-05-24 14:54        17938608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-04-18 19:29 . 2014-04-18 19:29        74703        ----a-w-        c:\windows\SysWow64\mfc45.dll
2014-04-18 19:28 . 2014-04-18 19:29        13792        ----a-w-        c:\windows\system32\drivers\semav6thermal64ro.sys
2014-04-12 02:22 . 2014-05-24 13:08        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-24 13:08        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-24 13:08        29184        ----a-w-        c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-24 13:08        136192        ----a-w-        c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-24 13:08        28160        ----a-w-        c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-24 13:08        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-24 13:08        31232        ----a-w-        c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-24 13:08        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-24 13:08        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}]
2014-06-11 11:25        3296768        ----a-w-        c:\users\Larissa\AppData\LocalLow\SYSTEM~1\bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys;c:\windows\SYSNATIVE\drivers\lsnfd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\DRIVERS\swivspnt.sys;c:\windows\SYSNATIVE\DRIVERS\swivspnt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64;{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64;c:\windows\system32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys;c:\windows\SYSNATIVE\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GtDetectSc;GtDetectSc;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [x]
S2 HandleService;Handle Service;c:\users\Larissa\AppData\Roaming\Win System\handle.exe;c:\users\Larissa\AppData\Roaming\Win System\handle.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 14:54]
.
2014-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
- c:\users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 10:55]
.
2014-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
- c:\users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 10:55]
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 15:29]
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 15:29]
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
- c:\users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 14:17]
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
- c:\users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 14:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Larissa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Mit Mipony herunterladen - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{24ac098d-eb44-41b3-abaa-f4bc67d4d64d} - c:\program files (x86)\ToggleMark\ToggleMarkbho.dll
BHO-{4d5c5a63-c98f-4693-a3dc-5cf708212045} - c:\program files (x86)\Re-markit\150.dll
BHO-{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKLM-Run-fst_de_56 - (no file)
Wow6432Node-HKLM-Run-t4pc_en_6 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe
AddRemove-c974fc9c-b15a-417f-8a56-1c64d86b29b5 - c:\program files (x86)\Re-markit\Uninstall.exe
AddRemove-Foxy Secure - c:\users\Larissa\AppData\Roaming\Security Systems\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-04  22:02:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-04 20:01
.
Vor Suchlauf: 14 Verzeichnis(se), 188.491.075.584 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 194.772.578.304 Bytes frei
.
- - End Of File - - 6ADDFA2F4C3B7557B481DAD598A48D20

deeprybka 04.07.2014 21:10
Zitat:
ausgeführt von:: c:\users\Larissa\Downloads\ComboFix.exe
:pfeiff:


OK, weiter gehts....

Schritt 1

http://filepony.de/icon/malwarebytes_anti_malware.png Malwarebytes Antimalware
  • Download-Link
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
  • Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Die Larissa 04.07.2014 21:48
:D

Also ich habe jetzt ales erledigt, komme aber am letztzen Schritt nicht weiter!

'poste mir den Inhalt in Code-Tags als Antwort'

Ich habe alles gemacht aber diese Option kommt nicht

deeprybka 04.07.2014 21:49
Na Du sollst das Log genau wie die anderen Logs auch zuvor in "Code-Tags" posten.


Lesestoff
http://filepony.de/icon/malwarebytes_anti_malware.pngMBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
  • Starte MBAM.
  • Klicke auf Verlauf.
  • Klicke auf Anwendungsprotokolle.
  • Klicke auf das letzte Suchlaufprotokoll mit Funden.
  • Klicke auf "In Zwischenablage kopieren".
  • Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.
http://deeprybka.trojaner-board.de/b...mbamposten.gif

Die Larissa 04.07.2014 21:53
Achsoooo, mir war nicht bewusst was eine Zwischenablage ist :D


Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 04.07.2014
Suchlauf-Zeit: 22:22:08
Logdatei:
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.04.09
Rootkit Datenbank: v2014.07.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Larissa

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332665
Verstrichene Zeit: 16 Min, 22 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 12
PUP.Optional.ToggleMark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{24ac098d-eb44-41b3-abaa-f4bc67d4d64d}, In Quarantäne, [ab77bedd90eb6acc84ac86c944bed030],
PUP.Optional.ToggleMark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{24AC098D-EB44-41B3-ABAA-F4BC67D4D64D}, In Quarantäne, [ab77bedd90eb6acc84ac86c944bed030],
PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, In Quarantäne, [b76b0a916a111e18b201282525ddbd43],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64, In Quarantäne, [56ccabf00c6f9e98d4655ab4e123857b],
PUP.Optional.Linksicle.A, HKLM\SOFTWARE\WOW6432NODE\Linksicle, In Quarantäne, [839f92096219c96da7162ea6946e38c8],
PUP.Optional.Linksicle, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD, In Quarantäne, [ce543c5f80fb72c41fcb5a7e6f938a76],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-1.2, Löschen bei Neustart, [b36f1c7f3546d66095ba13b84fb3867a],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1729608130-416407075-3546430458-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, Löschen bei Neustart, [fb27acefe2992214a6cef3d00af8718f],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1729608130-416407075-3546430458-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Löschen bei Neustart, [b36f118aa4d7c67015002faad131cb35],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\7CBBDE65-66D6-AD6B-55F9-2205FEE4E8C0, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4d5c5a63-c98f-4693-a3dc-5cf708212045}, In Quarantäne, [e939d6c5dd9e979f2b0a4a4ba06419e7],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4D5C5A63-C98F-4693-A3DC-5CF708212045}, In Quarantäne, [e939d6c5dd9e979f2b0a4a4ba06419e7],

Registrierungswerte: 3
PUP.Optional.Linksicle.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|linksicle@linksicle.com, C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com, In Quarantäne, [1c066e2d82f93afc06b8c70dd42e926e]
PUP.Optional.Linksicle, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD|ImagePath, system32\drivers\lsnfd.sys, In Quarantäne, [ce543c5f80fb72c41fcb5a7e6f938a76]
PUP.Optional.QuickStart.A, HKU\S-1-5-21-1729608130-416407075-3546430458-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, Löschen bei Neustart, [e73b4e4d215a36006fa2397d28da59a7]

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[5dc5a1fafc7f70c62161c5ce0ff543bd]

Ordner: 3
PUP.Optional.OfferMosquito.A, C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk, In Quarantäne, [988a8219d9a221156d44a10610f2f40c],
PUP.Optional.OfferMosquito.A, C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito, In Quarantäne, [ff2343580e6d8babae047a2d6e947b85],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],

Dateien: 22
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys, Löschen bei Neustart, [7a746f33f846de8e6a303a0ff6c4a4aa],
PUP.Optional.Downloader, C:\Users\Larissa\Downloads\Setup.exe, In Quarantäne, [1a0843588dee50e67b571878b24ff40c],
PUP.Optional.Softonic.A, C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule(1).exe, In Quarantäne, [3ee436653c3f82b43717d155c0417d83],
PUP.Optional.Softonic.A, C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_3d-fahrschule.exe, In Quarantäne, [54ce8b1074077fb767e71610a35e9868],
PUP.Optional.Softonic, C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_bus-simulator-2012.exe, In Quarantäne, [f72b2c6f91eaa78f757bdc2ef70a6d93],
PUP.Optional.Softonic, C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_euro-truck-simulator.exe, In Quarantäne, [c062dac1186345f16789ef1ba55c629e],
PUP.Optional.Softonic.A, C:\Users\Larissa\Downloads\SoftonicDownloader_fuer_geheimakte-3.exe, In Quarantäne, [d34fd4c7047743f3de70a77ff9083ec2],
PUP.Optional.BundleInstaller.A, C:\Users\Larissa\Downloads\Java.exe, In Quarantäne, [b270dfbcf08b43f3ceeb4b002ad70df3],
PUP.Optional.SnapDo.A, C:\Windows\Installer\b2496d1.msi, In Quarantäne, [57cbd9c23249171f7f371178b849857b],
PUP.Optional.OfferMosquito.A, C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx, In Quarantäne, [ff2343580e6d8babae047a2d6e947b85],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\174.crx, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\174.dat, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\a.db, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\b.db, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.bin, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.dll, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.exe, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markitaj174.ini, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markiti07.exe, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Re-markitQ.exe, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Sqlite3.dll, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\-Re-markit-soft\Uninstall.exe, In Quarantäne, [0022a9f2daa1e74f9f145d520df54eb2],

Physische Sektoren: 0
(No malicious items detected)


(end)

deeprybka 04.07.2014 21:55
Ja und Schritt 2 noch... ;)

Die Larissa 04.07.2014 21:58
Und hier auch noch die anderen beiden Logs ;)


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 04-07-2014 22:55:20
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Handle) C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
HKU\S-1-5-21-1729608130-416407075-3546430458-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Google Update] => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-25] (Google Inc.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {77e62f4b-4cf8-11e1-b705-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-1729608130-416407075-3546430458-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-25] (Google Inc.)
HKU\S-1-5-21-1729608130-416407075-3546430458-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {77e62f4b-4cf8-11e1-b705-806e6f6e6963} - E:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {01F29AE5-D48D-417B-9D00-8A115C23A0EB} - C:\Users\Larissa\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {963B125B-8B21-49A2-A3A8-E37092276531}} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: No Name - {ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:
CHR Extension: (Re-Markable) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci [2014-04-29]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 HandleService; C:\Users\Larissa\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-07-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
U0 wbfvx; C:\Windows\System32\drivers\rsnpl.sys [79064 2014-07-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 22:55 - 2014-07-04 22:56 - 00017415 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 22:54 - 2014-07-04 22:55 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:42 - 2014-07-04 22:42 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rsnpl.sys
2014-07-04 22:19 - 2014-07-04 22:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 21:05 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-04 21:05 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-04 21:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-04 21:04 - 2014-07-04 22:02 - 00000000 ____D () C:\Qoobox
2014-07-04 21:04 - 2014-07-04 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 20:22 - 2014-07-04 20:26 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 18:29 - 2014-07-04 22:55 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:49 - 2014-07-04 20:26 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-23 00:27 - 2014-06-09 12:15 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2014-07-04 19:56 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-21 13:20 - 2014-07-04 20:08 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-04 22:56 - 2014-07-04 22:55 - 00017415 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 22:55 - 2014-07-04 22:54 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:55 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-04 22:54 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 22:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-04 22:42 - 2014-07-04 22:42 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rsnpl.sys
2014-07-04 22:42 - 2012-06-19 20:07 - 00000000 ____D () C:\Windows\cs
2014-07-04 22:22 - 2014-07-04 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:19 - 2014-07-04 22:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:17 - 2012-02-01 19:19 - 01536251 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 22:02 - 2014-07-04 21:04 - 00000000 ____D () C:\Qoobox
2014-07-04 22:02 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-04 22:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-04 21:59 - 2014-07-04 21:04 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 21:54 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 21:54 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 21:51 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-04 21:51 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-04 21:51 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 21:47 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 21:47 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-04 21:47 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 21:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 21:47 - 2009-07-14 06:51 - 00083693 _____ () C:\Windows\setupact.log
2014-07-04 21:47 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-04 21:46 - 2010-11-21 05:47 - 00273830 _____ () C:\Windows\PFRO.log
2014-07-04 21:27 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:29 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-04 20:29 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-07-04 20:26 - 2014-07-04 20:22 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:26 - 2014-06-24 12:49 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-04 20:26 - 2013-07-20 22:49 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Common
2014-07-04 20:26 - 2012-11-23 12:08 - 00000000 ____D () C:\Users\Freunde
2014-07-04 20:26 - 2012-03-12 13:32 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 20:26 - 2012-03-12 13:07 - 00000999 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 20:26 - 2012-03-12 13:05 - 00000000 ____D () C:\Users\Larissa
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 20:08 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-07-04 19:59 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 19:56 - 2014-06-22 06:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-04 10:50 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Win System
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-09 12:15 - 2014-06-23 00:27 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Larissa at 2014-07-04 22:56:24
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Abenteuer auf dem Reiterhof 6 (HKLM-x32\...\{EEE76149-DC7F-4D3E-B021-6152DF574FA6}) (Version: 1.00 - UBISOFT)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Option WWAN Driver 5.0.32.0 Installer  (HKLM\...\{727E94E5-584F-4463-B4F5-93D3779C610B}_x) (Version: 3.5.0.1158 - Option NV)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158 - Option NV) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Planet Horse 1.0 (HKLM-x32\...\{2A1BA1A0-9675-4564-8A24-BE17179E26C3}_is1) (Version:  - Focus Home Interactive)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\c974fc9c-b15a-417f-8a56-1c64d86b29b5) (Version:  - Re-markit Software) <==== ATTENTION
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-06-2014 07:01:58 Removed Sierra Wireless Drivers.
23-06-2014 01:00:10 Windows Update
01-07-2014 20:54:52 Geplanter Prüfpunkt
04-07-2014 17:55:34 Revo Uninstaller's restore point - Re-markit
04-07-2014 18:06:08 Revo Uninstaller's restore point - Settings Manager
04-07-2014 18:09:06 Revo Uninstaller's restore point - SupTab
04-07-2014 18:10:30 Revo Uninstaller's restore point - t4pc_en_6
04-07-2014 18:12:25 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:13:49 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:14:55 Revo Uninstaller's restore point - webssearches uninstaller
04-07-2014 18:16:32 Revo Uninstaller's restore point - WindowsProtectManger20.0.0.401
04-07-2014 18:17:44 Revo Uninstaller's restore point - Yahoo Community Smartbar
04-07-2014 18:19:03 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-04 21:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {08620E43-A7B2-4E06-89FF-3D2EF8D927D2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {13D8CC9C-4C82-4256-9B32-7F860FD1E086} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1638CD03-5AE9-458F-8903-59713B5B9B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17C73F27-828B-4861-BC8F-85CE81AD0EC6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {1A605656-73A6-45D9-B6C8-90C0BBECB82B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1D14F18C-9942-472E-AE6C-4759719EC3EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {211CA690-B008-484D-9E4D-053BDED5DCF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {27496A9D-7AA8-47E0-9699-4C1029F05BCF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {29573B2B-B778-444B-B0CD-DAF877B74364} - \76e29085-a0b8-44c4-9613-e639f3d9191a-4 No Task File <==== ATTENTION
Task: {299E454B-BC91-4409-9E41-762094DD6397} - \76e29085-a0b8-44c4-9613-e639f3d9191a-3 No Task File <==== ATTENTION
Task: {2C1F951E-69D4-4842-9605-83A2CE81EA44} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {34CF72CB-B772-476E-8C69-8E62279759DB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3AA2A44A-3901-414D-A5CB-7E52F1803E30} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {3C6F51E8-3A2B-46FA-B3EB-89B654CFE28A} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4449081A-8B29-4CC7-A62B-3A41A17BCA0E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {459793BA-827A-481A-BA7F-9E13047327A9} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {49C34184-804E-4869-B667-629ED30C6BED} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B85F4E9-258A-49B7-961F-B2ADCC0AFC68} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {53434622-ABA6-42AB-8B5B-B629BBC7AD9E} - \76e29085-a0b8-44c4-9613-e639f3d9191a-5 No Task File <==== ATTENTION
Task: {600CE8DC-756D-43D4-B808-C198D7A288D5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {7023B253-0F55-489E-B6CA-D009567E2D4E} - \DigitalSite No Task File <==== ATTENTION
Task: {70ABDC66-A1E9-4671-A02F-83E4D2914A6E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {7B27FA51-1DF2-47BE-8A88-2018B39CBA36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {8C0E34AB-A602-4CD5-8466-755EF4D8B95E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {944D3AC6-1F3C-45E6-9FEB-1E38FD85DCB9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {98F1B20B-5C0E-4743-86B2-68D251492900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {993F6B47-B7EF-4369-88F9-AD15876C1F31} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {9948E87E-B4B5-4F73-8B00-E8F7F0900545} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {9CA39CF9-495A-434F-B08A-1FC4CD2E474F} - \Re-markit Update No Task File <==== ATTENTION
Task: {A289324F-0527-4F6D-A353-1B51B3B4F7BE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {A7C74A75-C173-427E-9179-C1CED7F4B39A} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {A9758080-4F3F-4786-9BD8-E286FBDDA8E1} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {ABC280DF-ED7D-4F99-A46E-B8DA14EFB712} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {AEE827AD-1BB5-4027-BF68-1EC36EF93803} - \76e29085-a0b8-44c4-9613-e639f3d9191a-2 No Task File <==== ATTENTION
Task: {B6B85BA3-AB2D-4DEB-B848-33261B2AB06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {B925986B-CD50-421C-A0FE-463D6DE6BF89} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F02BFC6A-0D57-450E-B417-6AAFFAA0D60D} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7820B41-D9AF-4108-9788-681334230394} - \76e29085-a0b8-44c4-9613-e639f3d9191a-1 No Task File <==== ATTENTION
Task: {FC4CF8A7-FBF0-4706-AA00-D2B9CE688EC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FF22D409-61A3-4635-BC72-6BDA2AED1634} - \76e29085-a0b8-44c4-9613-e639f3d9191a-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-21 13:21 - 2014-06-21 13:21 - 00374272 _____ () C:\Users\Larissa\AppData\Roaming\Win System\sub\default.dll
2012-02-01 19:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-02-15 16:07 - 2014-02-15 16:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2012-02-01 19:27 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-06-19 15:14 - 2014-06-19 15:14 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-02-18 12:18 - 2011-02-18 12:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1220
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x3a90
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x23c4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


System errors:
=============
Error: (07/04/2014 10:23:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/04/2014 09:49:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (07/04/2014 09:47:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
lsnfd

Error: (07/04/2014 09:47:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 09:47:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 09:45:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/04/2014 09:45:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/04/2014 09:40:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/04/2014 09:36:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/04/2014 09:04:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Handle Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b122001cf97b61f8bf937C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2db030a7-03b1-11e4-98d3-9439e5c5c0aa

Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b3a9001cf97b18604851eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb8c96611-03a7-11e4-a54d-9439e5c5c0aa

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b23c401cf9619242c6b31C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla07d1c63-03a4-11e4-a54d-9439e5c5c0aa

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 04:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 01:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


CodeIntegrity Errors:
===================================
  Date: 2014-07-04 21:47:15.819
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:47:15.679
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:47:10.274
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:47:10.174
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:46:49.833
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:46:49.755
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:40:09.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 21:40:09.536
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:44.545
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 20:28:44.465
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 4077.86 MB
Available physical RAM: 2155.1 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5912.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.98 GB) (Free:181.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CA51395E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ==========================

deeprybka 04.07.2014 22:10
Hi,
das interessiert mich näher...

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Die Larissa 04.07.2014 22:16
Okay :)

SHA256: 42e8325898e99be1fcaca501e71c9f5a92aa3c537ba57f135e99a77382c89c37

Soo?

https://www.virustotal.com/de/file/42e8325898e99be1fcaca501e71c9f5a92aa3c537ba57f135e99a77382c89c37/analysis/1404508531/

deeprybka 04.07.2014 22:45
Prima! :daumenhoc

Also, Deine Arbeit! Nicht die Datei! Das hätte ESET vielleicht nicht gefunden daher killen wir den per Hand. Bitte denke daran von einem anderen, sauberen PC (oder auch Handy) Deine wichtigen online-Passwörter zu ändern.

Bitte die angehängte Datei runterladen. FRST starten und auf "Fix" drücken.

Die Fixlog.txt posten.

Dann nochmal:

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Die Larissa 04.07.2014 22:54
Oh Gott, mein Laptop ist bei diesen Scan gerade abgestürtzt :O
Soll ich das trotzdem noch mal machen?

deeprybka 04.07.2014 22:56
Nee mach mal nur nen normalen FRST-Scan...

Die Larissa 04.07.2014 23:06
Okay, also ich habe jetzt aber wieder die beiden gemacht also mt Addition :)

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Larissa at 2014-07-05 00:02:38
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Abenteuer auf dem Reiterhof 6 (HKLM-x32\...\{EEE76149-DC7F-4D3E-B021-6152DF574FA6}) (Version: 1.00 - UBISOFT)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Option WWAN Driver 5.0.32.0 Installer  (HKLM\...\{727E94E5-584F-4463-B4F5-93D3779C610B}_x) (Version: 3.5.0.1158 - Option NV)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158 - Option NV) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Planet Horse 1.0 (HKLM-x32\...\{2A1BA1A0-9675-4564-8A24-BE17179E26C3}_is1) (Version:  - Focus Home Interactive)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\c974fc9c-b15a-417f-8a56-1c64d86b29b5) (Version:  - Re-markit Software) <==== ATTENTION
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-06-2014 07:01:58 Removed Sierra Wireless Drivers.
23-06-2014 01:00:10 Windows Update
01-07-2014 20:54:52 Geplanter Prüfpunkt
04-07-2014 17:55:34 Revo Uninstaller's restore point - Re-markit
04-07-2014 18:06:08 Revo Uninstaller's restore point - Settings Manager
04-07-2014 18:09:06 Revo Uninstaller's restore point - SupTab
04-07-2014 18:10:30 Revo Uninstaller's restore point - t4pc_en_6
04-07-2014 18:12:25 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:13:49 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:14:55 Revo Uninstaller's restore point - webssearches uninstaller
04-07-2014 18:16:32 Revo Uninstaller's restore point - WindowsProtectManger20.0.0.401
04-07-2014 18:17:44 Revo Uninstaller's restore point - Yahoo Community Smartbar
04-07-2014 18:19:03 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-04 21:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {08620E43-A7B2-4E06-89FF-3D2EF8D927D2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {13D8CC9C-4C82-4256-9B32-7F860FD1E086} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1638CD03-5AE9-458F-8903-59713B5B9B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17C73F27-828B-4861-BC8F-85CE81AD0EC6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {1A605656-73A6-45D9-B6C8-90C0BBECB82B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1D14F18C-9942-472E-AE6C-4759719EC3EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {211CA690-B008-484D-9E4D-053BDED5DCF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {27496A9D-7AA8-47E0-9699-4C1029F05BCF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {29573B2B-B778-444B-B0CD-DAF877B74364} - \76e29085-a0b8-44c4-9613-e639f3d9191a-4 No Task File <==== ATTENTION
Task: {299E454B-BC91-4409-9E41-762094DD6397} - \76e29085-a0b8-44c4-9613-e639f3d9191a-3 No Task File <==== ATTENTION
Task: {2C1F951E-69D4-4842-9605-83A2CE81EA44} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {34CF72CB-B772-476E-8C69-8E62279759DB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3AA2A44A-3901-414D-A5CB-7E52F1803E30} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {3C6F51E8-3A2B-46FA-B3EB-89B654CFE28A} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4449081A-8B29-4CC7-A62B-3A41A17BCA0E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {459793BA-827A-481A-BA7F-9E13047327A9} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {49C34184-804E-4869-B667-629ED30C6BED} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B85F4E9-258A-49B7-961F-B2ADCC0AFC68} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {53434622-ABA6-42AB-8B5B-B629BBC7AD9E} - \76e29085-a0b8-44c4-9613-e639f3d9191a-5 No Task File <==== ATTENTION
Task: {7023B253-0F55-489E-B6CA-D009567E2D4E} - \DigitalSite No Task File <==== ATTENTION
Task: {70ABDC66-A1E9-4671-A02F-83E4D2914A6E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {7B27FA51-1DF2-47BE-8A88-2018B39CBA36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {8C0E34AB-A602-4CD5-8466-755EF4D8B95E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {944D3AC6-1F3C-45E6-9FEB-1E38FD85DCB9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {98F1B20B-5C0E-4743-86B2-68D251492900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {993F6B47-B7EF-4369-88F9-AD15876C1F31} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {9948E87E-B4B5-4F73-8B00-E8F7F0900545} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {9CA39CF9-495A-434F-B08A-1FC4CD2E474F} - \Re-markit Update No Task File <==== ATTENTION
Task: {A289324F-0527-4F6D-A353-1B51B3B4F7BE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {A7C74A75-C173-427E-9179-C1CED7F4B39A} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {A9758080-4F3F-4786-9BD8-E286FBDDA8E1} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {ABC280DF-ED7D-4F99-A46E-B8DA14EFB712} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {AEE827AD-1BB5-4027-BF68-1EC36EF93803} - \76e29085-a0b8-44c4-9613-e639f3d9191a-2 No Task File <==== ATTENTION
Task: {B6B85BA3-AB2D-4DEB-B848-33261B2AB06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {B925986B-CD50-421C-A0FE-463D6DE6BF89} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C0A81163-9989-49EB-9ED6-E7D2515CB567} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {F02BFC6A-0D57-450E-B417-6AAFFAA0D60D} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7820B41-D9AF-4108-9788-681334230394} - \76e29085-a0b8-44c4-9613-e639f3d9191a-1 No Task File <==== ATTENTION
Task: {FC4CF8A7-FBF0-4706-AA00-D2B9CE688EC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FF22D409-61A3-4635-BC72-6BDA2AED1634} - \76e29085-a0b8-44c4-9613-e639f3d9191a-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 19:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-06-19 15:14 - 2014-06-19 15:14 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-02-18 12:18 - 2011-02-18 12:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-05-24 16:54 - 2014-05-24 16:54 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-02-15 16:07 - 2014-02-15 16:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2012-02-01 19:27 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 11:59:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 11:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1220
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x3a90
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x23c4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


System errors:
=============
Error: (07/05/2014 00:00:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (07/04/2014 11:58:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07

Error: (07/04/2014 11:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 11:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 11:53:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (07/04/2014 11:51:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07

Error: (07/04/2014 11:50:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Client Virtualization Handler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/04/2014 11:50:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Client Virtualization Handler erreicht.

Error: (07/04/2014 11:50:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/04/2014 11:50:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577


Microsoft Office Sessions:
=========================
Error: (07/04/2014 11:59:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 11:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b122001cf97b61f8bf937C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2db030a7-03b1-11e4-98d3-9439e5c5c0aa

Error: (07/04/2014 08:30:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 08:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b3a9001cf97b18604851eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb8c96611-03a7-11e4-a54d-9439e5c5c0aa

Error: (07/04/2014 07:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b23c401cf9619242c6b31C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla07d1c63-03a4-11e4-a54d-9439e5c5c0aa

Error: (07/02/2014 01:00:05 PM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 10:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (07/02/2014 07:00:05 AM) (Source: Google Update) (EventID: 20) (User: Larissa-VAIO)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


CodeIntegrity Errors:
===================================
  Date: 2014-07-04 23:58:20.539
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:20.407
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:14.271
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:14.171
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:00.072
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:57:59.994
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:50:11.626
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:50:11.516
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:50:03.486
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:50:03.396
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 4077.86 MB
Available physical RAM: 1974.64 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5807.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.98 GB) (Free:181.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CA51395E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 05-07-2014 00:01:56
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 22:56 - 2014-07-04 22:57 - 00058322 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 22:55 - 2014-07-05 00:02 - 00016675 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 22:54 - 2014-07-04 22:55 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:19 - 2014-07-04 23:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 21:05 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-04 21:05 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-04 21:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-04 21:04 - 2014-07-04 22:02 - 00000000 ____D () C:\Qoobox
2014-07-04 21:04 - 2014-07-04 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 20:22 - 2014-07-04 20:26 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 18:29 - 2014-07-05 00:01 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:49 - 2014-07-04 20:26 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2014-07-04 23:50 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:20 - 2014-07-04 20:08 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-05 00:02 - 2014-07-04 22:55 - 00016675 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-05 00:01 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-05 00:01 - 2012-02-01 19:19 - 01548590 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 00:00 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-04 23:59 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-04 23:58 - 2014-07-04 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 23:58 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 23:58 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 23:58 - 2010-11-21 05:47 - 00280438 _____ () C:\Windows\PFRO.log
2014-07-04 23:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 23:58 - 2009-07-14 06:51 - 00083805 _____ () C:\Windows\setupact.log
2014-07-04 23:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 23:57 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 23:57 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 23:55 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-04 23:55 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-04 23:55 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 23:54 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 23:50 - 2014-06-22 06:18 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-07-04 23:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-04 23:49 - 2012-06-19 20:07 - 00000000 ____D () C:\Windows\cs
2014-07-04 23:48 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-04 22:57 - 2014-07-04 22:56 - 00058322 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 22:55 - 2014-07-04 22:54 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:19 - 2014-07-04 22:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 22:02 - 2014-07-04 21:04 - 00000000 ____D () C:\Qoobox
2014-07-04 22:02 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-04 22:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-04 21:59 - 2014-07-04 21:04 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:47 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-04 21:27 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:29 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-07-04 20:26 - 2014-07-04 20:22 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:26 - 2014-06-24 12:49 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-04 20:26 - 2013-07-20 22:49 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Common
2014-07-04 20:26 - 2012-11-23 12:08 - 00000000 ____D () C:\Users\Freunde
2014-07-04 20:26 - 2012-03-12 13:32 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 20:26 - 2012-03-12 13:07 - 00000999 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 20:26 - 2012-03-12 13:05 - 00000000 ____D () C:\Users\Larissa
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 20:08 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-07-04 19:59 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-04 10:50 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

Some content of TEMP:
====================
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 04.07.2014 23:08
Schau mal bitte im Download-Verzeichnis jetzt nach dem Fixlog.txt und poste es bitte...

Die Larissa 04.07.2014 23:12
Was genau soll ich jetzt posten?

deeprybka 04.07.2014 23:13
Fixlog.txt

Sollte auch im Download-Ordner liegen...

Die Larissa 04.07.2014 23:15
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-07-2014
Ran by Larissa at 2014-07-04 23:57:19 Run:2
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Larissa\AppData\Roaming\Win System
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO-x32: No Name - {01F29AE5-D48D-417B-9D00-8A115C23A0EB} - C:\Users\Larissa\AppData\LocalLow\systems ie bho\bho.dll ()
C:\Users\Larissa\AppData\LocalLow\systems ie bho
BHO-x32: No Name - {963B125B-8B21-49A2-A3A8-E37092276531}} -  No File
BHO-x32: No Name - {ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}} -  No File
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF HKCU\...\Firefox\Extensions: [{1766c545-cec8-4a4d-a869-a22153bec7a3}] - C:\Program Files (x86)\Re-markit\150.xpi
CHR Extension: (Re-Markable) - C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci [2014-04-29]
C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci
R2 HandleService; C:\Users\Larissa\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
C:\Users\Larissa\AppData\Roaming\Win System\handle.exe
Reboot:

*****************

"C:\Users\Larissa\AppData\Roaming\Win System" => File/Directory not found.
"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}'=> Key not found.
"C:\Users\Larissa\AppData\LocalLow\systems ie bho" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}}'=> Key not found.
'HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper'=> Key not found.
C:\Users\Larissa\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{1766c545-cec8-4a4d-a869-a22153bec7a3} => Value not found.
C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci directory not found.
"C:\Users\Larissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjbfmepegbmbdkabccnkjdmlmpmeoci" => File/Directory not found.
HandleService => Service not found.
"C:\Users\Larissa\AppData\Roaming\Win System\handle.exe" => File/Directory not found.


The system needed a reboot.

==== End of Fixlog ====

deeprybka 04.07.2014 23:18
Hast Du den Fix 2 mal gemacht?

Die Larissa 04.07.2014 23:18
Ja, weil mein Laptop abgestürtzt ist und ich dachte es wäre nichts geworden ...

deeprybka 04.07.2014 23:21
:pfeiff:
Ich glaube Dein "Absturz" hatte was mit dem Reboot(=Neustart) Befehl zu tun...:lach:

Egal...Schluss für heute... ;)

Das ist der nächste Schritt und der dauert mehrere Stunden:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Die Larissa 04.07.2014 23:24
Okay, dann mache ich das bis später alles fertig.
Danke schon mal, hat sehr gut geholfen :)

deeprybka 04.07.2014 23:31
:abklatsch:
Schon OK...:)

Die Larissa 05.07.2014 09:51
:)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=e59b3863f4f1ff4fa38ebd6d58f78bf3
# engine=19031
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-05 01:59:04
# local_time=2014-07-05 03:59:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 18443 149024718 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 20521935 156155394 0 0
# scanned=191381
# found=96
# cleaned=0
# scan_time=12425
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=51709AA00ACA72837AF0E1FA61A458E125FF6867 ft=1 fh=47db414701f38526 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbs.dll.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\DaemonProcess.exe.vir"
sh=88AB474126A68F0A101C05AB2C1900FA0BAD5D33 ft=1 fh=c71c0011051a286f vn="Variante von Win32/AdWare.AddLyrics.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\150.dll.vir"
sh=6CF06AE55A60FB6F6151D19F08ABD32BE62580FB ft=1 fh=4f3b29debf31c722 vn="Variante von Win32/AdWare.AddLyrics.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\Uninstall.exe.vir"
sh=4D9A25EEE733FE272F718D481B4AB6061FA1B731 ft=1 fh=d720b326bd1a3a36 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\systemk\del_DM_DLL_nsnD54E.dll.vir"
sh=56A40AA2CA40BCD41C80E6A0C5F5C725F588B983 ft=1 fh=75ac978b05d746a5 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\systemk\del_DM_LL_nsnD54E.dll.vir"
sh=7D0F78CE45F6824B1CDF4CB63978569ACB37C228 ft=1 fh=68ae880e96878eab vn="Win32/Toolbar.SearchSuite.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\systemk\del_mg_nsnD54E.dll.vir"
sh=B4DB678D7643404C0E402F3C490D0C6038051B41 ft=1 fh=bb81efdffa516e8d vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\systemk\x64\del_DM_LL_nsnD54E.dll.vir"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=0E4AC03280933B58DBDCDA15C7FE92C7BC09AECF ft=1 fh=c9c5029e8a95e315 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\ToggleMark.FirstRun.exe.vir"
sh=0A3FF6462093A5CDD402D42D453696DE573BA5D7 ft=1 fh=57562942bc2b326b vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\ToggleMarkBHO.dll.vir"
sh=E6406E5D1A8E13BEC0746FE64A7ACF0F4CE9FECA ft=1 fh=65a81d4680f8d1a5 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\ToggleMarkUn.exe.vir"
sh=9A8310234FDFD93700CF9105977B08061EB84F45 ft=1 fh=b20f720388c5f0da vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\updateToggleMark.exe.vir"
sh=358351E604ACE39A38E436290D3B7ECE99618C51 ft=1 fh=08917eb070f37784 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\ToggleMark.BrowserAdapter.exe.vir"
sh=1D3516EDD5F30AF64DE3B7D7F7F8F7D5B744ED98 ft=1 fh=a1dadc3d6eae6e0d vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\ToggleMark.PurBrowse64.exe.vir"
sh=BB2643563078D4F061607A96891266B525B58E92 ft=1 fh=00b74401f02fb3b5 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\ToggleMarkBAApp.dll.vir"
sh=9A8310234FDFD93700CF9105977B08061EB84F45 ft=1 fh=b20f720388c5f0da vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe.vir"
sh=78715BC4ACC33F026660CF51B832C30D950D66AC ft=1 fh=072c7fe926d76c6a vn="Variante von Win32/BrowseFox.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.dll.vir"
sh=8DFEFB84A7EDEDB951E9B3F38B48E6CD6D629C9D ft=1 fh=9b4e0656e4555c40 vn="Variante von Win32/BrowseFox.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\{af16abf4-eac1-49b4-93fc-58f6ca799135}.dll.vir"
sh=683DF8E020F6616BD82E84D32A3B3297BB65C6EF ft=1 fh=adad28baacc0c36f vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.Bromon.dll.vir"
sh=716DC19AE74F240F079E3CD3BBF69B1564D75D68 ft=1 fh=66d7539934e4224e vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.BroStats.dll.vir"
sh=C8A14A182CF8BAE810997B99A816D56A817C9737 ft=1 fh=93e9d1817693f7f3 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.BrowserAdapterS.dll.vir"
sh=59D4728C2A37C9E053902DC653A14DD694FB7466 ft=1 fh=8f3e482df4dc1278 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.CompatibilityChecker.dll.vir"
sh=ED5C0B03777C41FBE8B651DE75014BD575294306 ft=1 fh=a2b83d2c66647c73 vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.FFUpdate.dll.vir"
sh=2FF8E919EA60785F118917CF26F0E3C1259794C2 ft=1 fh=67b3175274541ec6 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.IEUpdate.dll.vir"
sh=F45F5FE2490A2E6846E3EEE308AC764CB3EB2A36 ft=1 fh=5aca58421c95aa7c vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.PurBrowseG.dll.vir"
sh=FF76D7DE59B79DCFCC1FE64DFBF55B176D2218BD ft=1 fh=3b214c88ec3156ee vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ToggleMark\bin\plugins\ToggleMark.Repmon.dll.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\genienext\nengine.dll.vir"
sh=51709AA00ACA72837AF0E1FA61A458E125FF6867 ft=1 fh=47db414701f38526 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\LPT\srbs.dll.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=6BEA6C96B4F47FF9B614B482C8BF2E2A80C13C42 ft=1 fh=c71c0011e505ca4a vn="Variante von Win32/Toolbar.Montiera.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\PennyBee\pennybee\1.3.8.3\pennybee.exe.vir"
sh=90D617042236ECEECA6281D4AA409AC2462F1D45 ft=1 fh=cbe4a92e457220a6 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=2C5A5DCCFA2C7A761A055779E2183F75EE5ADC1F ft=1 fh=11efb147a594a3b4 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe.vir"
sh=02FD6AE390BF39CCBA030E3B30809907D1714A2E ft=1 fh=b4c7b90a363c8707 vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=973CB7FFE5935CFEAB40748A3A82EFEBBC8DB5AC ft=1 fh=963d448465dfce92 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=973CB7FFE5935CFEAB40748A3A82EFEBBC8DB5AC ft=1 fh=963d448465dfce92 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=FE14FB13C3E87B1B4D5B1D9B4AE4FB824FBDF1A4 ft=1 fh=03f5383ec359c58f vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=FE14FB13C3E87B1B4D5B1D9B4AE4FB824FBDF1A4 ft=1 fh=03f5383ec359c58f vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=96EB8021F9452FF9488654422285E3BC3E88ADBC ft=1 fh=a2a34a7c21965425 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir"
sh=51709AA00ACA72837AF0E1FA61A458E125FF6867 ft=1 fh=47db414701f38526 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=FFA29462419BB5F68627B32D0223CB91A0D7AADD ft=1 fh=f37a614dc756caa9 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=743A688D6D964EE3338CF0D393DB7424BA33B110 ft=1 fh=5ff37a8cbf598d20 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=8482444939D080F36716309408D0E228D4BEA98F ft=1 fh=bdaab2a66f11dc5b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=63712052A353D759DF80D926C40D3801195C2613 ft=1 fh=e3ce1d777f544045 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=FAB39A2B29147472E022212931FD90781C1C8A7C ft=1 fh=f2b01a9acb1fbcb6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=5367796B2A4F3EDD29B630637097274440758940 ft=1 fh=a38fde601776f903 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=7290509DD9B7F8DCFA781334EBEFF3E5D4C58C5C ft=1 fh=0aae782d31fb93bd vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=32602D4077332EE0F75304C87434755510F768FD ft=1 fh=4d22cbd3b33f2e9e vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=A5517659524BFD05ABEF457FE26F1D0E80D3EF85 ft=1 fh=af4585d56f4a69b5 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=71CCADAAF795894CF3E4C21388091FBB99AC811E ft=1 fh=e914faad78993ba3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A7A2E08FBFDF53F6487F997282726AFBA2D1BE6D ft=1 fh=372c94dd255ca241 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=6EC26F6CF4D7A7AFC71024730F7E25098D043D95 ft=1 fh=5dde4b05fb6068ec vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=2C0BBB1E1F7E1ECEBB3DFE9CF92847598322B6CB ft=1 fh=838192228873b77d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=04425ABDF2E2F90CD68481EB49D9D3724D3A9895 ft=1 fh=36eea6a241280446 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=A84C039FF1DAAAA7252955732A4E8EE4CF968B1B ft=1 fh=fed45452708664fd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF10.dll.vir"
sh=752B1961DB6AB8898FE0549213AA914C0CA6B718 ft=1 fh=e5d4be7c69805ddc vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF11.dll.vir"
sh=8E74C63DB1BAC349315C961B8841EDCF82BA530A ft=1 fh=337c683ba543637d vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF12.dll.vir"
sh=3E7F1EFE26E75577548C5671F96EF9DE97C27C58 ft=1 fh=d8ed7d6979bcd6ef vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF13.dll.vir"
sh=AC4FE55F016ED99D97300F0EFDD79ABC36060043 ft=1 fh=01bf7131f02413ac vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF14.dll.vir"
sh=38A77551D640ABFD1B7B77BBDE6DF8151EA4A7A1 ft=1 fh=27f3972bc5673f7b vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF15.dll.vir"
sh=8181CE4B98D928987E2DD91FC198126FE0EFF7A1 ft=1 fh=2a775ad338f1b5dd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF16.dll.vir"
sh=9B49C9E0D598D596BD85FB0684D112A0D89962D9 ft=1 fh=e6a9dc5fafe354f4 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF17.dll.vir"
sh=1C57F6653160B658BC4A89D90BB9B965EE6A73EB ft=1 fh=1af4b14ddb1938ad vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF18.dll.vir"
sh=F5FF4EAEF5C87A0A52177525DC9EB51858F3CD09 ft=1 fh=a75a944064dce744 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF19.dll.vir"
sh=BC3949E551957E3239F6EE8C8FD6E51D9B90F7A4 ft=1 fh=d4e1767a93b4bb5e vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF2.dll.vir"
sh=547744A7A940F2A4CA6F29F149FAB2667E2E20FF ft=1 fh=3bc94f24f04e02e0 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF20.dll.vir"
sh=68511D85675A119A2B0042C4B9E9E68568F9CC69 ft=1 fh=849a46b3d8334628 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF21.dll.vir"
sh=2D970117EA235A150F60B0BFDA0570B572E15579 ft=1 fh=9f13dfd8ed655a92 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF22.dll.vir"
sh=3CB040F2370648DCDF09F3538036D04A86C0016B ft=1 fh=84033a4e69d1c455 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF23.dll.vir"
sh=82C9197CD905EF3FD391D8C3962E78A1D222E215 ft=1 fh=b83dd79fed78a9f0 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF24.dll.vir"
sh=91F93AA323D593CA34486817DF5F452E73C7D265 ft=1 fh=1ce4277cdede7c3c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF25.dll.vir"
sh=D31C2E79DC3E09F9D46C77A556EA79D851314B56 ft=1 fh=1c9bfbeb879ff592 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF26.dll.vir"
sh=4EC3A1EA248A2ADDE05B4E21DC1747D920ECE241 ft=1 fh=8006870a8fd0800a vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF27.dll.vir"
sh=19C242DE42C333A72C4D2FD98B4A5E45E2722E2F ft=1 fh=88e7a324c335ae67 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF28.dll.vir"
sh=C10DA08A224A5058B04C89D7E2545DCE1B1882E1 ft=1 fh=1cfd12f4ffe5f981 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF29.dll.vir"
sh=4B8BF4B3A786BC8EFC31F124A79121633FCCEFB5 ft=1 fh=956688c87ea41354 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF30.dll.vir"
sh=34DC7765D841F6A826809B070E61A3A9C265DEC2 ft=1 fh=17d7a39a89f60080 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF4.dll.vir"
sh=3A2A87661BE7C287C16C8EC5D4DCB28F44DED34A ft=1 fh=29d9b991721e7a0e vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF5.dll.vir"
sh=F71815E064A9AACFAD9001B174C667611C93827C ft=1 fh=719e07282195d0f2 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF6.dll.vir"
sh=0B8EF6FA304399EC687F76F3B2C835F3C5F178EF ft=1 fh=135f4e0fefbaf1ca vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF7.dll.vir"
sh=26BDD9A0B5F4A7CD1F0C096FB6160F83CC0EC902 ft=1 fh=bcf16556bf4bbb7c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF8.dll.vir"
sh=4E6CA7B1AA06BE7936C5B76313F0ED55C8B27F55 ft=1 fh=028c7e2bd08d993f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Larissa\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF9.dll.vir"
sh=62518026153B8F7EB9AC1B5C5F9924490348E735 ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.Blacole.AN Trojaner" ac=I fn="C:\Users\Larissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\79cee599-72ecbce5"
sh=30EF281C81897B394B1B7EC2F2DEC8BD0F79C867 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\b2496d7.msi"

deeprybka 05.07.2014 11:31
Hi,

Schritt 1
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Die alte Version Java 7 Update 45 deinstallieren. (Findest bei installierte Programme, kannst aber auch mit Revo machen)

Neu:
Java installieren.


Flash-Link mit allen Browsern aufrufen. Flash aktualisieren. Optionale Angebote ablehnen.
D.h. einmal mit dem Internetexplorer und einmal mit dem Firefox.

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Die Larissa 05.07.2014 12:22
Hey, ich komme hier nicht weiter:

'Flash-Link mit allen Browsern aufrufen. Flash aktualisieren'

Dort taucht nur ein Fenster mit 'Installieren' auf ...

deeprybka 05.07.2014 12:29
Das ist gemeint... ;)

Die Larissa 05.07.2014 12:34
Aktualisieren ist ja nicht installieren ;)

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014
Ran by Larissa at 2014-07-05 13:31:54
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Abenteuer auf dem Reiterhof 6 (HKLM-x32\...\{EEE76149-DC7F-4D3E-B021-6152DF574FA6}) (Version: 1.00 - UBISOFT)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Option WWAN Driver 5.0.32.0 Installer  (HKLM\...\{727E94E5-584F-4463-B4F5-93D3779C610B}_x) (Version: 3.5.0.1158 - Option NV)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158 - Option NV) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Planet Horse 1.0 (HKLM-x32\...\{2A1BA1A0-9675-4564-8A24-BE17179E26C3}_is1) (Version:  - Focus Home Interactive)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\c974fc9c-b15a-417f-8a56-1c64d86b29b5) (Version:  - Re-markit Software) <==== ATTENTION
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

04-07-2014 17:55:34 Revo Uninstaller's restore point - Re-markit
04-07-2014 18:06:08 Revo Uninstaller's restore point - Settings Manager
04-07-2014 18:09:06 Revo Uninstaller's restore point - SupTab
04-07-2014 18:10:30 Revo Uninstaller's restore point - t4pc_en_6
04-07-2014 18:12:25 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:13:49 Revo Uninstaller's restore point - video MediaPlayer
04-07-2014 18:14:55 Revo Uninstaller's restore point - webssearches uninstaller
04-07-2014 18:16:32 Revo Uninstaller's restore point - WindowsProtectManger20.0.0.401
04-07-2014 18:17:44 Revo Uninstaller's restore point - Yahoo Community Smartbar
04-07-2014 18:19:03 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
05-07-2014 11:16:17 Removed Java 7 Update 45
05-07-2014 11:17:31 Removed Java 7 Update 45
05-07-2014 11:19:26 Installed Java 7 Update 60

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-04 21:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {08620E43-A7B2-4E06-89FF-3D2EF8D927D2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {13D8CC9C-4C82-4256-9B32-7F860FD1E086} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1638CD03-5AE9-458F-8903-59713B5B9B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17C73F27-828B-4861-BC8F-85CE81AD0EC6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {1A605656-73A6-45D9-B6C8-90C0BBECB82B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1D14F18C-9942-472E-AE6C-4759719EC3EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {211CA690-B008-484D-9E4D-053BDED5DCF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {27496A9D-7AA8-47E0-9699-4C1029F05BCF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {29573B2B-B778-444B-B0CD-DAF877B74364} - \76e29085-a0b8-44c4-9613-e639f3d9191a-4 No Task File <==== ATTENTION
Task: {299E454B-BC91-4409-9E41-762094DD6397} - \76e29085-a0b8-44c4-9613-e639f3d9191a-3 No Task File <==== ATTENTION
Task: {2C1F951E-69D4-4842-9605-83A2CE81EA44} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {34CF72CB-B772-476E-8C69-8E62279759DB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3AA2A44A-3901-414D-A5CB-7E52F1803E30} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {3C6F51E8-3A2B-46FA-B3EB-89B654CFE28A} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4449081A-8B29-4CC7-A62B-3A41A17BCA0E} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {459793BA-827A-481A-BA7F-9E13047327A9} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {49C34184-804E-4869-B667-629ED30C6BED} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B85F4E9-258A-49B7-961F-B2ADCC0AFC68} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25] (Google Inc.)
Task: {53434622-ABA6-42AB-8B5B-B629BBC7AD9E} - \76e29085-a0b8-44c4-9613-e639f3d9191a-5 No Task File <==== ATTENTION
Task: {7023B253-0F55-489E-B6CA-D009567E2D4E} - \DigitalSite No Task File <==== ATTENTION
Task: {70ABDC66-A1E9-4671-A02F-83E4D2914A6E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {7B27FA51-1DF2-47BE-8A88-2018B39CBA36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {8C0E34AB-A602-4CD5-8466-755EF4D8B95E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {944D3AC6-1F3C-45E6-9FEB-1E38FD85DCB9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {98F1B20B-5C0E-4743-86B2-68D251492900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17] (Google Inc.)
Task: {993F6B47-B7EF-4369-88F9-AD15876C1F31} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {9948E87E-B4B5-4F73-8B00-E8F7F0900545} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {9CA39CF9-495A-434F-B08A-1FC4CD2E474F} - \Re-markit Update No Task File <==== ATTENTION
Task: {A289324F-0527-4F6D-A353-1B51B3B4F7BE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {A7C74A75-C173-427E-9179-C1CED7F4B39A} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {A9758080-4F3F-4786-9BD8-E286FBDDA8E1} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {ABC280DF-ED7D-4F99-A46E-B8DA14EFB712} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {AEE827AD-1BB5-4027-BF68-1EC36EF93803} - \76e29085-a0b8-44c4-9613-e639f3d9191a-2 No Task File <==== ATTENTION
Task: {B6B85BA3-AB2D-4DEB-B848-33261B2AB06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-05] (Adobe Systems Incorporated)
Task: {B925986B-CD50-421C-A0FE-463D6DE6BF89} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F02BFC6A-0D57-450E-B417-6AAFFAA0D60D} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7820B41-D9AF-4108-9788-681334230394} - \76e29085-a0b8-44c4-9613-e639f3d9191a-1 No Task File <==== ATTENTION
Task: {F89E6314-AE0F-43F2-81B7-B189F7C4BB36} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {FC4CF8A7-FBF0-4706-AA00-D2B9CE688EC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FF22D409-61A3-4635-BC72-6BDA2AED1634} - \76e29085-a0b8-44c4-9613-e639f3d9191a-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job => C:\Users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job => C:\Users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 19:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-06-19 15:14 - 2014-06-19 15:14 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-02-18 12:18 - 2011-02-18 12:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-02-15 16:07 - 2014-02-15 16:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2012-02-01 19:27 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-24 16:54 - 2014-05-24 16:54 - 16361136 ____N () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-07-05 13:30 - 2014-07-05 13:30 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2014 01:14:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2014 01:10:52 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsass.exe ist fehlgeschlagen mit den Statuscode 255. Der Computer muss neu gestartet werden.

Error: (07/05/2014 01:10:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: lsass.exe, Version: 6.1.7601.18443, Zeitstempel: 0x5348920c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000020a7a
ID des fehlerhaften Prozesses: 0x258
Startzeit der fehlerhaften Anwendung: 0xlsass.exe0
Pfad der fehlerhaften Anwendung: lsass.exe1
Pfad des fehlerhaften Moduls: lsass.exe2
Berichtskennung: lsass.exe3

Error: (07/05/2014 04:18:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 04:15:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 00:27:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 00:27:37 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/04/2014 11:59:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 11:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/05/2014 01:16:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (07/05/2014 01:14:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07

Error: (07/05/2014 01:12:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/05/2014 01:12:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (07/05/2014 01:12:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎07.‎2014 um 13:11:15 unerwartet heruntergefahren.

Error: (07/05/2014 01:10:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WerSvc" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1722

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/05/2014 01:10:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2014 01:10:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2014 01:10:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CamMonitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2014 01:10:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (07/05/2014 01:14:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2014 01:10:52 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsass.exe255

Error: (07/05/2014 01:10:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsass.exe6.1.7601.184435348920cntdll.dll6.1.7601.18247521eaf24c00000050000000000020a7a25801cf97d308abecb0C:\Windows\system32\lsass.exeC:\Windows\SYSTEM32\ntdll.dll054d0a26-0435-11e4-a131-9439e5c5c0aa

Error: (07/05/2014 04:18:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/05/2014 04:15:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe

Error: (07/05/2014 00:27:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe

Error: (07/05/2014 00:27:37 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:59:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 11:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 09:48:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-07-05 13:12:54.707
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-05 13:12:54.595
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-05 13:12:46.344
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-05 13:12:46.264
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-05 13:12:27.817
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-05 13:12:27.739
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:20.539
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:20.407
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:14.271
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-04 23:58:14.171
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 4077.86 MB
Available physical RAM: 1947.48 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5590.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.98 GB) (Free:184.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CA51395E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014
Ran by Larissa (administrator) on LARISSA-VAIO on 05-07-2014 13:30:52
Running from C:\Users\Larissa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Farbar) C:\Users\Larissa\Downloads\FRST64(2).exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Larissa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage:

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-10-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2012-08-18] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-08-18] () [File not signed]
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 13:20 - 2014-07-05 13:20 - 02084352 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(2).exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 13:18 - 2014-07-05 13:18 - 00918952 _____ (Oracle Corporation) C:\Users\Larissa\Downloads\jxpiinstall(1).exe
2014-07-05 13:10 - 2014-07-05 13:10 - 00448512 _____ (OldTimer Tools) C:\Users\Larissa\Downloads\TFC.exe
2014-07-05 13:10 - 2014-07-05 13:10 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-07-05 00:27 - 2014-07-05 00:27 - 02347384 _____ (ESET) C:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe
2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 22:56 - 2014-07-05 00:03 - 00053851 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 22:55 - 2014-07-05 13:31 - 00016706 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-04 22:54 - 2014-07-04 22:55 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:19 - 2014-07-05 13:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 21:05 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-04 21:05 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-04 21:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-04 21:05 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-04 21:04 - 2014-07-04 22:02 - 00000000 ____D () C:\Qoobox
2014-07-04 21:04 - 2014-07-04 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 20:22 - 2014-07-04 20:26 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 18:29 - 2014-07-05 13:30 - 00000000 ____D () C:\FRST
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-06-24 12:49 - 2014-07-04 20:26 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-22 18:58 - 2014-07-04 12:08 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2014-07-04 23:50 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-21 13:20 - 2014-07-04 20:08 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-06-21 06:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 19:21 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-14 19:21 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 19:21 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-14 19:21 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-14 19:21 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-14 19:21 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-14 19:21 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-14 19:21 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-14 19:21 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-14 19:21 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-14 19:21 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-14 19:21 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-14 19:21 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-14 19:21 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-14 19:21 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-14 19:21 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-14 19:21 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-14 19:21 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-14 19:21 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-14 19:21 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-14 19:21 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-14 19:21 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-14 19:21 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-14 19:21 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-14 19:21 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-14 19:21 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-14 19:21 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-14 19:21 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-14 19:21 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-14 19:21 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-14 19:21 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-14 19:21 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-14 19:21 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-14 19:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 19:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 19:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 19:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 19:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 19:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 19:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-14 19:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-14 19:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-14 13:51 - 2014-06-20 18:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-07 13:11 - 2014-06-14 13:52 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung

==================== One Month Modified Files and Folders =======

2014-07-05 13:31 - 2014-07-04 22:55 - 00016706 _____ () C:\Users\Larissa\Downloads\FRST.txt
2014-07-05 13:30 - 2014-07-04 18:29 - 00000000 ____D () C:\FRST
2014-07-05 13:30 - 2012-03-29 17:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-05 13:30 - 2012-03-29 17:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-05 13:30 - 2012-03-29 17:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 13:30 - 2012-03-29 17:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 13:21 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:21 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:20 - 2014-07-05 13:20 - 02084352 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(2).exe
2014-07-05 13:20 - 2013-12-29 13:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-05 13:20 - 2012-03-12 13:16 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{08158E50-22FD-4CF1-BAC4-092B9F4F9693}
2014-07-05 13:19 - 2014-07-05 13:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-05 13:19 - 2014-07-05 13:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 13:18 - 2014-07-05 13:18 - 00918952 _____ (Oracle Corporation) C:\Users\Larissa\Downloads\jxpiinstall(1).exe
2014-07-05 13:17 - 2012-02-02 04:14 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-07-05 13:17 - 2012-02-02 04:14 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-07-05 13:17 - 2012-02-01 19:19 - 01566547 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 13:17 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-05 13:14 - 2014-07-04 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 13:14 - 2012-12-17 17:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 13:14 - 2012-08-27 12:21 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-05 13:12 - 2012-02-01 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-05 13:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 13:12 - 2009-07-14 06:51 - 00083861 _____ () C:\Windows\setupact.log
2014-07-05 13:10 - 2014-07-05 13:10 - 00448512 _____ (OldTimer Tools) C:\Users\Larissa\Downloads\TFC.exe
2014-07-05 13:10 - 2014-07-05 13:10 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-07-05 13:00 - 2012-07-09 03:50 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
2014-07-05 13:00 - 2012-07-09 03:50 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
2014-07-05 12:57 - 2012-12-17 17:29 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 12:50 - 2012-11-25 16:18 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
2014-07-05 10:48 - 2012-11-25 16:18 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
2014-07-05 00:27 - 2014-07-05 00:27 - 02347384 _____ (ESET) C:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe
2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 00:03 - 2014-07-04 22:56 - 00053851 _____ () C:\Users\Larissa\Downloads\Addition.txt
2014-07-04 23:58 - 2010-11-21 05:47 - 00280438 _____ () C:\Windows\PFRO.log
2014-07-04 23:50 - 2014-06-22 06:18 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-07-04 23:49 - 2012-06-19 20:07 - 00000000 ____D () C:\Windows\cs
2014-07-04 23:48 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-04 22:55 - 2014-07-04 22:54 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64(1).exe
2014-07-04 22:19 - 2014-07-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 22:19 - 2014-07-04 22:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 22:18 - 2014-07-04 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Larissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 22:18 - 2014-07-04 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:02 - 2014-07-04 22:02 - 00025657 _____ () C:\ComboFix.txt
2014-07-04 22:02 - 2014-07-04 21:04 - 00000000 ____D () C:\Qoobox
2014-07-04 22:02 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-04 21:59 - 2014-07-04 21:04 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 21:47 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-04 21:27 - 2012-03-13 13:15 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-07-04 21:03 - 2014-07-04 21:03 - 05213907 ____R (Swearware) C:\Users\Larissa\Downloads\ComboFix.exe
2014-07-04 20:29 - 2012-03-13 00:15 - 00000000 ____D () C:\Users\Larissa\Tracing
2014-07-04 20:26 - 2014-07-04 20:22 - 00000000 ____D () C:\AdwCleaner
2014-07-04 20:26 - 2014-06-24 12:49 - 00001079 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-04 20:26 - 2013-07-20 22:49 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Common
2014-07-04 20:26 - 2012-11-23 12:08 - 00000000 ____D () C:\Users\Freunde
2014-07-04 20:26 - 2012-03-12 13:32 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 20:26 - 2012-03-12 13:07 - 00000999 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 20:26 - 2012-03-12 13:05 - 00000000 ____D () C:\Users\Larissa
2014-07-04 20:20 - 2014-07-04 20:20 - 01346519 _____ () C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
2014-07-04 20:08 - 2014-06-21 13:20 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Security Systems
2014-07-04 19:59 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-04 18:28 - 2014-07-04 18:28 - 02083840 _____ (Farbar) C:\Users\Larissa\Downloads\FRST64.exe
2014-07-04 18:27 - 2014-07-04 18:27 - 01073664 _____ (Farbar) C:\Users\Larissa\Downloads\FRST.exe
2014-07-04 12:08 - 2014-06-22 18:58 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{9312F0EF-2862-43E7-AC85-750F1C32E477}
2014-07-03 22:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-24 14:21 - 2012-03-12 13:08 - 00000000 ____D () C:\Users\Larissa\Documents\Bluetooth Folder
2014-06-24 11:59 - 2013-11-09 15:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 09:01 - 2012-02-01 19:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-22 09:01 - 2012-02-01 19:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 09:00 - 2012-02-01 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 08:49 - 2013-07-20 22:51 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2014-06-22 08:41 - 2013-12-24 20:23 - 00000000 ____D () C:\Program Files (x86)\3D-Fahrschule Demo
2014-06-22 08:39 - 2013-12-22 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 06:40 - 2014-06-22 06:40 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8E4F1E49-B58E-4F61-BC96-AC7EABFCFA5F}
2014-06-22 06:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-22 05:32 - 2012-06-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 18:38 - 2014-06-21 06:37 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{E33271DA-AD7E-4644-B19F-6F3D7C21518D}
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieUserList
2014-06-21 13:21 - 2014-06-21 13:21 - 00000000 __SHD () C:\Users\Larissa\AppData\Local\EmieSiteList
2014-06-20 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 18:59 - 2014-05-09 09:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 18:58 - 2012-03-12 13:36 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\SoftGrid Client
2014-06-20 18:42 - 2014-04-29 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 18:39 - 2014-04-30 03:00 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 18:34 - 2014-06-14 13:51 - 00000000 ____D () C:\Users\Larissa\AppData\Local\{8DE265C9-E261-4AF9-87C1-065D9C7A826F}
2014-06-19 19:52 - 2012-12-17 17:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:52 - 2012-12-17 17:29 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:14 - 2014-06-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 21:46 - 2013-11-09 15:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-14 19:15 - 2012-05-17 13:21 - 00000000 ____D () C:\Update
2014-06-14 19:15 - 2012-02-01 19:35 - 00000000 ____D () C:\Program Files\Sony
2014-06-14 13:52 - 2014-06-07 13:11 - 00000000 ____D () C:\Users\Larissa\Documents\Bewerbung
2014-06-14 13:51 - 2012-03-12 13:06 - 00118024 _____ () C:\Users\Larissa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 11:13 - 2014-06-14 19:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-14 19:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 13:31 - 2012-04-03 23:59 - 00000000 ____D () C:\Users\Larissa\Documents\Tagebuch

Some content of TEMP:
====================
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 22:47

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 05.07.2014 12:46
Oh Mann, ist ganz schön anstrengend mit Dir :D

Das bitte noch versuchen zu deinstallieren (Windows Programme oder mit Revo):
Yahoo Community Smartbar
Re-markit

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

http://deeprybka.trojaner-board.de/b...s/combofix.png Combofix-Deinstallation.
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.






Alle Logs gepostet? Ja! Dann lade Dir bitte http://filepony.de/icon/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

http://www.trojaner-board.de/extra/lesestoff.pngWie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

http://deeprybka.trojaner-board.de/b...ast/schild.pngUpdates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



http://deeprybka.trojaner-board.de/b...ast/schild.pngFirewall, Antivirus & Co.
http://s1.directupload.net/images/140701/eivrliwa.pngCracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Die Larissa 05.07.2014 12:50
Dankeeeee :)

Ich kann Yahoo Community Smartbar und Re-markit nicht entfernen, aber das ist ja glaube ich auch nicht schlimm ?!

Den Rest mach ich dann später, aber scheint alles clean zu sein juhuuu

deeprybka 05.07.2014 13:00
Warum kannst Du das Zeug nicht entfernen?

Die Larissa 05.07.2014 13:02
Wenn ich auf deinstallieren gehe, dann passiert einfach nichts ....
Ich wollte die beiden Sachen schon vor längerer Zeit deinstallieren.
Hat halt nie geklappt! :(

deeprybka 05.07.2014 13:03
Mit Revo gehts auch nicht?

Die Larissa 05.07.2014 13:05
Nee, hatte ich ja schon eigentlich gemacht.
Es verwundert mich deswegen auch ein bisschen, dass die beiden Programme noch drauf sind.

deeprybka 05.07.2014 13:09
Naja was heißt drauf...

Adwarecleaner hat den Dienst und den Ordner schon einkassiert...
Code:
Ordner Gelöscht : C:\Program Files (x86)\Re-markit
Lässt den halt auch ab und zu laufen....Im Log ist ja nichts mehr zu sehen so wie am Anfang.

Die Larissa 05.07.2014 15:43
Hmm, ich kenne mich damit eh nicht aus :/

Das ist jetzt bei der Combofix - Deinstallation bei raus gekommen:

Code:
ComboFix 14-07-03.01 - Larissa 05.07.2014  16:11:10.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4078.2224 [GMT 2:00]
ausgeführt von:: c:\users\Larissa\Downloads\ComboFix.exe
Benutzte Befehlsschalter :: /Unistall
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-06-05 bis 2014-07-05  ))))))))))))))))))))))))))))))
.
.
2014-07-05 14:22 . 2014-07-05 14:22        --------        d-----w-        c:\users\Freunde\AppData\Local\temp
2014-07-05 14:22 . 2014-07-05 14:22        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-07-05 11:20 . 2014-07-05 11:20        --------        d-----w-        c:\program files (x86)\Common Files\Java
2014-07-05 11:19 . 2014-07-05 11:19        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-05 11:19 . 2014-07-05 11:19        --------        d-----w-        c:\program files (x86)\Java
2014-07-05 11:10 . 2014-07-05 11:10        --------        d-----w-        c:\windows\system32\%LOCALAPPDATA%
2014-07-04 22:27 . 2014-07-04 22:27        --------        d-----w-        c:\program files (x86)\ESET
2014-07-04 20:19 . 2014-07-05 13:36        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-04 20:18 . 2014-07-04 20:19        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-04 20:18 . 2014-07-04 20:18        --------        d-----w-        c:\programdata\Malwarebytes
2014-07-04 20:18 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-07-04 20:18 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-07-04 20:18 . 2014-05-12 05:25        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-07-04 18:24 . 2010-08-30 06:34        536576        ----a-w-        c:\windows\SysWow64\sqlite3.dll
2014-07-04 18:22 . 2014-07-04 18:26        --------        d-----w-        C:\AdwCleaner
2014-07-04 16:29 . 2014-07-05 11:32        --------        d-----w-        C:\FRST
2014-06-21 11:21 . 2014-06-21 11:21        --------        d-sh--w-        c:\users\Larissa\AppData\Local\EmieUserList
2014-06-21 11:21 . 2014-06-21 11:21        --------        d-sh--w-        c:\users\Larissa\AppData\Local\EmieSiteList
2014-06-21 11:20 . 2014-07-04 18:08        --------        d-----w-        c:\users\Larissa\AppData\Roaming\Security Systems
2014-06-14 17:19 . 2014-06-08 09:13        506368        ----a-w-        c:\windows\system32\aepdu.dll
2014-06-14 17:19 . 2014-06-08 09:08        424448        ----a-w-        c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-05 11:30 . 2012-03-29 15:02        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-05 11:30 . 2012-03-29 15:02        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-24 09:59 . 2013-11-09 13:24        117712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-06-20 16:39 . 2014-04-30 01:00        95414520        ----a-w-        c:\windows\system32\MRT.exe
2014-06-14 19:46 . 2013-11-09 13:24        130584        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-05-24 14:54 . 2014-05-24 14:54        17938608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-04-18 19:29 . 2014-04-18 19:29        74703        ----a-w-        c:\windows\SysWow64\mfc45.dll
2014-04-18 19:28 . 2014-04-18 19:29        13792        ----a-w-        c:\windows\system32\drivers\semav6thermal64ro.sys
2014-04-12 02:22 . 2014-05-24 13:08        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-24 13:08        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-24 13:08        29184        ----a-w-        c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-24 13:08        136192        ----a-w-        c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-24 13:08        28160        ----a-w-        c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-24 13:08        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-24 13:08        31232        ----a-w-        c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-24 13:08        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-24 13:08        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\DRIVERS\swivspnt.sys;c:\windows\SYSNATIVE\DRIVERS\swivspnt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GtDetectSc;GtDetectSc;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 11:30]
.
2014-07-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001Core.job
- c:\users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 10:55]
.
2014-07-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1001UA.job
- c:\users\Larissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 10:55]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 15:29]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 15:29]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003Core.job
- c:\users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 14:17]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1729608130-416407075-3546430458-1003UA.job
- c:\users\Freunde\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 14:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Larissa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Mit Mipony herunterladen - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\4t21xmzr.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe
AddRemove-c974fc9c-b15a-417f-8a56-1c64d86b29b5 - c:\program files (x86)\Re-markit\Uninstall.exe
AddRemove-Foxy Secure - c:\users\Larissa\AppData\Roaming\Security Systems\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-05  16:38:56
ComboFix-quarantined-files.txt  2014-07-05 14:38
ComboFix2.txt  2014-07-04 20:02
.
Vor Suchlauf: 19 Verzeichnis(se), 196.800.892.928 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 196.502.863.872 Bytes frei
.
- - End Of File - - BBA5D4CCDF109FF73DA45F0FCEE87371

deeprybka 05.07.2014 16:11
Zitat:
Zitat von Die Larissa (Beitrag 1326220)
Das ist jetzt bei der Combofix - Deinstallation bei raus gekommen:
Aha....
Kannst mir bitte mal genau erzählen wie Du vorgegangen bist?

Die Larissa 05.07.2014 16:12
Na so wie es in Deiner Beschreibung stand ...

Und hier noch DelFix:

Code:
# DelFix v10.7 - Datei am 05/07/2014 um 17:02:13 erstellt
# Aktualisiert am 27/04/2014 von Xplode
# Benutzer : Larissa - LARISSA-VAIO
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\Qoobox
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\ComboFix.txt
Gelöscht : C:\TDSSKiller.2.5.5.0_13.03.2012_12.01.07_log.txt
Gelöscht : C:\TDSSKiller.2.5.5.0_13.03.2012_12.01.38_log.txt
Gelöscht : C:\Users\Larissa\Downloads\Addition.txt
Gelöscht : C:\Users\Larissa\Downloads\adwcleaner_3.214.exe
Gelöscht : C:\Users\Larissa\Downloads\ComboFix.exe
Gelöscht : C:\Users\Larissa\Downloads\esetsmartinstaller_deu.exe
Gelöscht : C:\Users\Larissa\Downloads\Fixlog.txt
Gelöscht : C:\Users\Larissa\Downloads\FRST.exe
Gelöscht : C:\Users\Larissa\Downloads\FRST.txt
Gelöscht : C:\Users\Larissa\Downloads\FRST64(1).exe
Gelöscht : C:\Users\Larissa\Downloads\FRST64(2).exe
Gelöscht : C:\Users\Larissa\Downloads\FRST64.exe
Gelöscht : C:\Users\Larissa\Downloads\TFC.exe
Gelöscht : C:\Windows\grep.exe
Gelöscht : C:\Windows\PEV.exe
Gelöscht : C:\Windows\NIRCMD.exe
Gelöscht : C:\Windows\MBR.exe
Gelöscht : C:\Windows\SED.exe
Gelöscht : C:\Windows\SWREG.exe
Gelöscht : C:\Windows\SWSC.exe
Gelöscht : C:\Windows\SWXCACLS.exe
Gelöscht : C:\Windows\Zip.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner
Gelöscht : HKLM\SOFTWARE\Swearware
Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #231 [Revo Uninstaller's restore point - Re-markit | 07/04/2014 17:55:34]
Gelöscht : RP #232 [Revo Uninstaller's restore point - Settings Manager | 07/04/2014 18:06:08]
Gelöscht : RP #233 [Revo Uninstaller's restore point - SupTab | 07/04/2014 18:09:06]
Gelöscht : RP #234 [Revo Uninstaller's restore point - t4pc_en_6 | 07/04/2014 18:10:30]
Gelöscht : RP #235 [Revo Uninstaller's restore point - video MediaPlayer | 07/04/2014 18:12:25]
Gelöscht : RP #236 [Revo Uninstaller's restore point - video MediaPlayer | 07/04/2014 18:13:49]
Gelöscht : RP #237 [Revo Uninstaller's restore point - webssearches uninstaller | 07/04/2014 18:14:55]
Gelöscht : RP #238 [Revo Uninstaller's restore point - WindowsProtectManger20.0.0.401 | 07/04/2014 18:16:32]
Gelöscht : RP #239 [Revo Uninstaller's restore point - Yahoo Community Smartbar | 07/04/2014 18:17:44]
Gelöscht : RP #240 [Revo Uninstaller's restore point - Yahoo Community Smartbar Engine | 07/04/2014 18:19:03]
Gelöscht : RP #241 [Removed Java 7 Update 45 | 07/05/2014 11:16:17]
Gelöscht : RP #242 [Removed Java 7 Update 45 | 07/05/2014 11:17:31]
Gelöscht : RP #243 [Installed Java 7 Update 60 | 07/05/2014 11:19:26]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

deeprybka 05.07.2014 16:15
Na gut, wir sind jetzt jedenfalls fertig! (V.a. ich! :D)

Liebe Grüße und Alles Gute!

Die Larissa 05.07.2014 16:16
Super, vielen Dank! :D

deeprybka 07.07.2014 20:33
Gerne! :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:39 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131