Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Überwachung, Datenschutz und Spam (https://www.trojaner-board.de/uberwachung-datenschutz-spam/)
-   -   Adware.Tracking cookie (https://www.trojaner-board.de/152141-adware-tracking-cookie.html)

Corina 07.04.2014 10:12
Adware.Tracking cookie
 
Hallo zusammen,

Sobald ich Firefox oder den Internet Explorer öffne beginnt mein Problem. Ständig öffnen sich neue Seiten die von Malewarebytes direkt geblockt werden. Zumindest meistens. Sämtliche Seiten sind voller Werbung von "Ads from Browser Extension" welche ich nicht auf der Add-on Seite von Firefox finde und deaktiveren kann.
Das Programm "SuperAntiSpyware" findet lauter Adware Tracking Cookies.
Kann mir jemand helfen?

cosinus 07.04.2014 10:45
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Corina 07.04.2014 12:15
Hi,

vielen Dank für die schnell Antwort. Malewarebytes hat was gefunden, das hab ich heute morgen in Quarantäne gesteckt, hat aber nicht geholfen. Dann hat mir ne Freundin geraten mich an euch zu wenden :)

Hier die Log von Malewarebytes

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.04.2014
Suchlauf-Zeit: 09:22:15
Logdatei: Malware-log.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.07.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Coco

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 273051
Verstrichene Zeit: 10 Min, 53 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1476, Löschen bei Neustart, [1f6257d07209b086c141d27de819fb05]

Module: 2
PUP.Optional.CrossRider.M, C:\Program Files (x86)\HQVid8.1b\HQVid8.1b-bho.dll, Löschen bei Neustart, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, C:\Program Files (x86)\HQVid8.1b\HQVid8.1b-bho.dll, Löschen bei Neustart, [93eef136c2b961d5cb4c36e38a7abd43],

Registrierungsschlüssel: 40
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [1f6257d07209b086c141d27de819fb05],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [d1b09394097221150779c04dc33f758b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [d1b09394097221150779c04dc33f758b],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.BHO, In Quarantäne, [6021d84f4d2e42f42623e89ede253dc3],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.BHO.1, In Quarantäne, [067b66c163180a2c07422f57ff04c33d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.Sandbox, In Quarantäne, [4f322ff880fba3936cdd6224cf34916f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.Sandbox.1, In Quarantäne, [b4cd1116e29991a5f356711553b0ea16],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [265bdb4cd7a4ee48d953acb6ce340ef2],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [a4ddb37475065bdb010c89d9cd35a65a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.BHO, In Quarantäne, [463bcd5ac2b9b6800b3e196d6d9606fa],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.BHO.1, In Quarantäne, [6819c760accf89ad50f91b6b52b1e41c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.Sandbox, In Quarantäne, [b9c8c463f487d95d80c9c6c0e221dd23],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.Sandbox.1, In Quarantäne, [621fb77016650d292e1b0e78f310fe02],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [e39e60c7b1ca999dca62da88f40e847c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Löschen bei Neustart, [b8c9e1460378f73f946468317d86b14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, Löschen bei Neustart, [3d44f82f89f286b0be6fd68c31d1b54b],
PUP.Optional.Qone8, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [a5dccc5b582322143bf3038e689b31cf],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\webssearches uninstaller, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522312272}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544314472}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555315572}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566316672}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555315572}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566316672}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544314472}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110511311172}, Löschen bei Neustart, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110511311172}, Löschen bei Neustart, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522312272}, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511311172}\INPROCSERVER32, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 9
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[6819f334e09b79bdf85d6f9d976d9e62]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}),Ersetzt,[1a6749ded5a60234de7a3cd0976d20e0]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[0d74a582b8c3aa8ce96ebd4f1ee6718f]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[8af72dfaa6d5979fba9f14f8c83cb44c]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[d0b1e5424c2f65d1cc89ff0d28dcc33d]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}),Ersetzt,[ef92ee396b10ea4c84d4c04cd034a15f]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[5031ab7c314ac96d84d319f3f21219e7]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Ersetzt,[8ef313140c6ffc3ae673f21a32d2827e]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-4172602817-1105754241-2977795870-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95),Löschen bei Neustart,[91f0e740ec8f6dc9db43f621a262c43c]

Ordner: 41
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Löschen bei Neustart, [fc85180f403b5bdb21cbb0a7cd35d729],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [fc85180f403b5bdb21cbb0a7cd35d729],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],

Dateien: 180
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, Löschen bei Neustart, [1f6257d07209b086c141d27de819fb05],
PUP.Optional.SupTab.A, C:\Users\Coco\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [c0c12106adcefb3be06a9c99a7595da3],
PUP.Optional.Conduit.A, C:\Users\Coco\AppData\Local\Temp\40b83c05-4456-410f-94da-0b475f9ddbe1\spidentifierimpl.exe, In Quarantäne, [a2df58cfd0abf83e00ec7e98bc457e82],
PUP.Optional.SkyTech.A, C:\Users\Coco\AppData\Local\Temp\40b83c05-4456-410f-94da-0b475f9ddbe1\software\lly_webssearches.exe, In Quarantäne, [1a67de49453639fdffe3202e7190ea16],
PUP.Optional.SkyTech.A, C:\Users\Coco\AppData\Local\Temp\fullpackage_temp1396764494\alilog.dll, In Quarantäne, [750c91963a41bc7a888ac76b4cb46b95],
PUP.Optional.SkyTech.A, C:\Users\Coco\AppData\Local\Temp\fullpackage_temp1396764494\package1.zip, In Quarantäne, [daa7ec3b344779bdec264ce6ae52f30d],
PUP.Optional.IePluginService.A, C:\Users\Coco\AppData\Local\Temp\fullpackage_temp1396764494\tmp\SupTab.exe, In Quarantäne, [a4dd1215681377bfca38a6a925dc3ec2],
PUP.Optional.WpManager, C:\Users\Coco\AppData\Local\Temp\fullpackage_temp1396764494\tmp\wpm.exe, In Quarantäne, [7d04f7308eed58de6ad85bfe54adc937],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-1.job, In Quarantäne, [b1d059cede9d9a9cecb473edf80a867a],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-2.job, In Quarantäne, [5d2478af8cefc07699079ac615ede917],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-3.job, In Quarantäne, [1d64af780a7176c0940cd68a9171c838],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-4.job, In Quarantäne, [5031b4738cef7db9d6cadd83689aee12],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-5.job, In Quarantäne, [f988a483cfac8fa75947c8988d75867a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [2d5495920972ae887660c4a77e84b34d],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, In Quarantäne, [fc85180f403b5bdb21cbb0a7cd35d729],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome.manifest, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\install.rdf, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\background.html, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\baseObject.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\browser.xul, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\dialog.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\main.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.xul, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\platformVersion.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\search_dialog.xul, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\asyncDB.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\background.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\browserAction.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\contextMenu.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dbManager.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dom_bg.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\fileManager.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefox.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\message.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\pageAction.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\request.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\tabs.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\webRequest.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\windowsMessagingHandler.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\addressBarChangeObserver.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\console.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\consts.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\delegate.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\httpObserver.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\installer.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\logFile.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\prefs.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\registry.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reloadObserver.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reports.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\requestObject.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\searchSettings.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\updateManager.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\utils.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\xhr.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences\prefs.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\manifest.xml, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins.json, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\1.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\102.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\103.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\104.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\119.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\13.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\14.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\16.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\17.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\177.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\178.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\179.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\180.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\182.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\183.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\184.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\191.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\207.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\21.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\22.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\223.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\231.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\232.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\242.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\246.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\28.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\4.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\47.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\64.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\72.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\78.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\91.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\93.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\98.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\background.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\extension.js, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US\translations.dtd, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button1.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button2.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button3.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button4.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button5.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\crossrider_statusbar.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon128.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon16.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon24.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon48.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\panelarrow-up.png, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\popup.html, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\skin.css, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\update.css, In Quarantäne, [6e13fb2c8cefaa8c6b89e8720ff319e7],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\92.json, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\uninstallDlg.xml, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\UninstallManager.exe, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\bg1.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\button1.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\checked.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\close.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\min.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\Thumbs.db, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.WebsSearches.A, C:\Users\Coco\AppData\Roaming\webssearches\images\unchecked.png, In Quarantäne, [69182bfc1566b5812403b3a94cb6e31d],
PUP.Optional.CrossRider.M, C:\Program Files (x86)\HQVid8.1b\HQVid8.1b-bho64.dll, In Quarantäne, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.M, C:\Program Files (x86)\HQVid8.1b\HQVid8.1b-bho.dll, Löschen bei Neustart, [93eef136c2b961d5cb4c36e38a7abd43],
PUP.Optional.CrossRider.A, C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "145369d64c7ebd356b65c53a4fd750a4");), Ersetzt,[651ce93ea1da7fb75063ca7630d4ce32]

Physische Sektoren: 0
(No malicious items detected)


(end)
Hier die FRST.

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Coco (administrator) on VAIO on 07-04-2014 12:46:17
Running from C:\Users\Coco\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Formosan) C:\Users\Coco\AppData\Local\Genesis\Genesis.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AT Service signup] - c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [genesis] - c:\users\coco\appdata\local\genesis\genesis.exe [2830336 2014-04-06] (Formosan)
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-08-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-08-29] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396764514&from=tugs&uid=WDCXWD10JPVT-55A1YT0_WD-WX31EA1ASH95ASH95&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {FA05A302-AD18-4859-9E4E-CD84E89DD6C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {D7C0CDEF-3515-411B-950F-10048ADA6973} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {FA05A302-AD18-4859-9E4E-CD84E89DD6C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 astsvr; C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [119504 2014-03-03] (Anvisoft)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 12:46 - 2014-04-07 12:46 - 00018413 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 12:46 - 2014-04-07 12:46 - 00000000 ____D () C:\FRST
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 11:33 - 2014-04-07 11:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:54 - 2014-04-07 09:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 10:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 09:09 - 2014-04-07 09:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:09 - 2014-04-07 09:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-07 09:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-07 09:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:52 - 2014-04-07 10:54 - 00000000 ____D () C:\Update
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:43 - 2014-04-06 15:44 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-06 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-06 13:10 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-06 13:10 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:50 - 2014-04-07 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-06 12:50 - 2014-04-06 12:50 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:20 - 2014-04-06 16:52 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-06 08:12 - 2014-04-07 09:26 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-06 08:12 - 2014-04-06 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:09 - 2014-04-06 18:59 - 00000000 ____D () C:\ProgramData\WPM
2014-04-06 08:08 - 2014-04-07 12:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Genesis
2014-04-06 08:08 - 2014-04-07 10:36 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-06 08:08 - 2014-04-06 19:01 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 08:07 - 2014-04-06 08:07 - 00000000 _____ () C:\END
2014-04-06 07:51 - 2014-04-07 11:31 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-06 08:08 - 00001674 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:44 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt

==================== One Month Modified Files and Folders =======

2014-04-07 12:46 - 2014-04-07 12:46 - 00018413 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 12:46 - 2014-04-07 12:46 - 00000000 ____D () C:\FRST
2014-04-07 12:45 - 2012-12-18 14:12 - 00000000 ____D () C:\ProgramData\MOCP
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 12:44 - 2014-04-06 08:08 - 00000000 ____D () C:\Users\Coco\AppData\Local\Genesis
2014-04-07 12:26 - 2012-12-18 13:53 - 01909607 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 12:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-07 11:52 - 2014-04-06 12:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 11:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-07 11:34 - 2014-04-07 11:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-07 11:32 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-07 11:31 - 2014-04-06 07:51 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:54 - 2014-04-07 09:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 10:54 - 2014-04-07 08:52 - 00000000 ____D () C:\Update
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-04-07 10:51 - 2012-08-03 04:22 - 00133916 _____ () C:\Windows\PFRO.log
2014-04-07 10:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:50 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-07 10:47 - 2012-12-18 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 10:36 - 2014-04-06 08:08 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-07 10:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:55 - 2014-04-07 09:54 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:27 - 2012-12-18 13:53 - 00000000 ____R () C:\Windows\SysWOW64\npDeployJava1.dll
2014-04-07 09:26 - 2014-04-06 08:12 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 09:09 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:10 - 2014-04-07 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:53 - 2012-12-18 13:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 19:01 - 2014-04-06 08:08 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 19:01 - 2012-12-18 14:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-04-06 19:00 - 2012-12-18 14:24 - 00000000 ____D () C:\ProgramData\WildTangent
2014-04-06 18:59 - 2014-04-06 08:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 16:52 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 16:52 - 2012-07-26 09:21 - 00027564 _____ () C:\Windows\setupact.log
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:44 - 2014-04-06 15:43 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:43 - 2012-12-18 13:32 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 13:43 - 2012-12-18 13:32 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 13:43 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:37 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:50 - 2014-04-06 12:50 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-06 08:37 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-04-06 08:33 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:08 - 2014-04-06 07:45 - 00001674 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 08:08 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-06 08:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-06 08:07 - 2014-04-06 08:07 - 00000000 _____ () C:\END
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:50 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:45 - 2012-12-18 13:56 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-04-06 07:45 - 2012-12-18 13:33 - 00000000 ____D () C:\Program Files\Sony
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:44 - 2012-12-18 14:09 - 00000000 ____D () C:\Windows\System32\Tasks\SONY
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt
2014-04-03 09:51 - 2014-04-07 09:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-07 09:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-07 09:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Coco\AppData\Local\Temp\0240061396860597mcinst.exe
C:\Users\Coco\AppData\Local\Temp\avgnt.exe
C:\Users\Coco\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 04:22

==================== End Of Log ============================
--- --- ---

--- --- ---

Corina 07.04.2014 12:17
und hier noch die Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Coco at 2014-04-07 12:46:39
Running from C:\Users\Coco\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{E33003B9-6A0D-4126-BD67-6FC62D643501}) (Version: 3.4.0.1009 - AuthenTec, Inc.)
Avira (HKLM-x32\...\{8f29d204-f85e-4d8d-87b0-7ba66bffc1aa}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.5601.52 - CyberLink Corp.) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Genesis (HKCU\...\genesis) (Version:  - )
HQVid8.1b (HKLM-x32\...\HQVid8.1b) (Version: 1.34.3.28 - High-QualityV9)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA Grafiktreiber 305.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.46 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 305.46 (Version: 305.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Slim Toolbar 1.3 (HKLM-x32\...\Slim Toolbar) (Version: 1.3 - Anvisoft)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.0.08170 - Sony Corporation)
VAIO Care (HKLM\...\{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}) (Version: 8.0.0.08150 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.2.0.08150 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03DD7547-FB5D-41F2-86DD-CA7890472403} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {100A7183-DECA-4D57-BE00-1CDA1154BAA7} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {35C02862-3B94-475F-96E2-0E494BA5E805} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {448A4AF3-FDC9-42CC-BF89-3C0715317C3E} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {5772C18D-1573-460B-9F68-49694A8E6459} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {77702C72-6BDB-4A17-9F12-5B5B5DF7D21B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {874A7A8B-2313-4C40-BDC2-2B3EDD376D68} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {8A5A88B6-7362-4670-8ACA-67E1797D065A} - System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9D21D483-C3E9-42BE-85DB-760A7DFCFDBC} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {A1568F77-1509-4400-B935-8923D71749AE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AAEDCD55-3127-44C8-9EA9-3BC20A9D4B77} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\system32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AEAF6004-9D12-4ABE-8F26-5B10C71EA82C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {AF8F7AD1-D2D5-440A-A618-448BAA2C6147} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {B3074028-0E7E-47AF-A6C5-95B18E584F96} - System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {BFB1F10C-0F1D-4C71-8697-CE18275A8164} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {C2F769DD-7AE9-402C-A1A2-A3BB264E20F9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6830585-CC87-4897-B58A-05C7AEC2630F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D71074CC-1B8D-47AB-88E0-10D7562D6DEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-06] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECD46B12-F954-46A9-82F2-C430EC41ABE5} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {F68C4030-D7DC-4443-ADA3-952049E14811} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {F8505402-74F1-4B6E-9B34-450CC71438B5} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FC1C9818-4879-4CC3-9CBF-F0F9C08F833A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {FFF08865-7C4B-4A04-AD6C-E1BDC89C44B1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2012-08-21 21:01 - 2012-08-21 03:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 11:28 - 2012-08-06 11:28 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 11:29 - 2012-08-06 11:29 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-04-06 15:47 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-18 14:20 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-04-06 15:48 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\Coco\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-12-18 13:47 - 2012-07-24 03:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-06 08:12 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2014 11:32:29 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (04/07/2014 11:32:26 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (04/07/2014 11:32:20 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (04/07/2014 11:32:00 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (04/07/2014 11:31:58 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (04/07/2014 10:52:14 AM) (Source: Avira Service Host) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen

Error: (04/07/2014 10:47:55 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{AC0439DC-896D-4617-A9EB-3E211DCD715D}\setup.exe Corporation\Sony Packaging Manager\PackagingTemp\{AC0439DC-896D-4617-A9EB-3E211DCD715D}\setup.exe" -s /s; Beschreibung = Installiert VAIO Control Center; Fehler = 0x80070422).

Error: (04/07/2014 10:41:56 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0xb30
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (04/07/2014 09:40:39 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108897
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010acd2
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00000000000f4828
ID des fehlerhaften Prozesses: 0x2fc0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/07/2014 09:38:50 AM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.3.332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b30

Startzeit: 01cf52323cd1274a

Endzeit: 60000

Anwendungspfad: c:\program files (x86)\avira\antivir desktop\avscan.exe

Berichts-ID: 7ddb5916-be27-11e3-be74-c8f73306d753

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (04/07/2014 11:34:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 8 für x64-Systeme (KB2938527)

Error: (04/07/2014 11:34:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8 und Windows Server 2012 für x64-basierte Systeme (KB2861704)

Error: (04/07/2014 11:34:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8 und Windows Server 2012 für x64-basierte Systeme (KB2898866)

Error: (04/07/2014 11:34:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 unter Windows 8 und Windows Server 2012 für x64-basierte Systeme (KB2840632)

Error: (04/07/2014 11:34:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2727528)

Error: (04/07/2014 11:34:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2884256)

Error: (04/07/2014 11:34:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2795944)

Error: (04/07/2014 11:34:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Update für Microsoft Camera Codec Pack unter Windows 8 für x64-basierte Systeme (KB2779444)

Error: (04/07/2014 11:33:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2916036)

Error: (04/07/2014 11:33:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f082f fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2862152)


Microsoft Office Sessions:
=========================
Error: (04/07/2014 11:32:29 AM) (Source: System Restore)(User: )
Description: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422

Error: (04/07/2014 11:32:26 AM) (Source: System Restore)(User: )
Description: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422

Error: (04/07/2014 11:32:20 AM) (Source: System Restore)(User: )
Description: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422

Error: (04/07/2014 11:32:00 AM) (Source: System Restore)(User: )
Description: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422

Error: (04/07/2014 11:31:58 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (04/07/2014 10:52:14 AM) (Source: Avira Service Host)(User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen

Error: (04/07/2014 10:47:55 AM) (Source: System Restore)(User: )
Description: C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{AC0439DC-896D-4617-A9EB-3E211DCD715D}\setup.exe Corporation\Sony Packaging Manager\PackagingTemp\{AC0439DC-896D-4617-A9EB-3E211DCD715D}\setup.exe" -s /sInstalliert VAIO Control Center0x80070422

Error: (04/07/2014 10:41:56 AM) (Source: Application Error)(User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec00000050000000000026390b3001cf523d06a26762C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll79320b38-be30-11e3-be76-c8f73306d753

Error: (04/07/2014 09:40:39 AM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.1638450108897ntdll.dll6.2.9200.163845010acd2c000000d00000000000f48282fc001cf52343f7c7504C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlle9b482c5-be27-11e3-be74-c8f73306d753

Error: (04/07/2014 09:38:50 AM) (Source: Application Hang)(User: )
Description: avscan.exe14.0.3.3321b3001cf52323cd1274a60000c:\program files (x86)\avira\antivir desktop\avscan.exe7ddb5916-be27-11e3-be74-c8f73306d753


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8071.27 MB
Available physical RAM: 5327.43 MB
Total Pagefile: 12679.27 MB
Available Pagefile: 9963.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:895.46 GB) (Free:847.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

cosinus 07.04.2014 12:20
Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Corina 07.04.2014 12:55
Hi,

so alles gemacht, hier die Logs

AdWCleaner:
Code:
# AdwCleaner v3.023 - Bericht erstellt am 07/04/2014 um 13:33:53
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzername : Coco - VAIO
# Gestartet von : C:\Users\Coco\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Datei Gelöscht : C:\END

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Coco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Coco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16384

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3136 octets] - [07/04/2014 13:31:04]
AdwCleaner[S0].txt - [2057 octets] - [07/04/2014 13:33:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2117 octets] ##########
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Coco on 07.04.2014 at 13:42:21,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.04.2014 at 13:48:31,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus 07.04.2014 12:55
Frische FRST Logs?

Corina 07.04.2014 12:57
FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Coco (administrator) on VAIO on 07-04-2014 13:51:58
Running from C:\Users\Coco\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Formosan) C:\Users\Coco\AppData\Local\Genesis\Genesis.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Thisisu) C:\Users\Coco\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AT Service signup] - c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [genesis] - c:\users\coco\appdata\local\genesis\genesis.exe [2830336 2014-04-06] (Formosan)
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-08-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-08-29] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {D7C0CDEF-3515-411B-950F-10048ADA6973} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {FA05A302-AD18-4859-9E4E-CD84E89DD6C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 astsvr; C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [119504 2014-03-03] (Anvisoft)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 13:48 - 2014-04-07 13:48 - 00000615 _____ () C:\Users\Coco\Desktop\JRT.txt
2014-04-07 13:42 - 2014-04-07 13:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-07 13:41 - 2014-04-07 13:41 - 01016261 _____ (Thisisu) C:\Users\Coco\Downloads\JRT.exe
2014-04-07 13:35 - 2014-04-07 13:35 - 00000117 _____ () C:\Windows\system32\netcfg-40671.txt
2014-04-07 13:34 - 2014-04-07 13:34 - 00000117 _____ () C:\Windows\system32\netcfg-9778578.txt
2014-04-07 13:30 - 2014-04-07 13:33 - 00000000 ____D () C:\AdwCleaner
2014-04-07 13:28 - 2014-04-07 13:28 - 01426178 _____ () C:\Users\Coco\Downloads\adwcleaner.exe
2014-04-07 12:46 - 2014-04-07 13:52 - 00017378 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 12:46 - 2014-04-07 13:51 - 00000000 ____D () C:\FRST
2014-04-07 12:46 - 2014-04-07 12:47 - 00030856 _____ () C:\Users\Coco\Downloads\Addition.txt
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 11:33 - 2014-04-07 11:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:54 - 2014-04-07 09:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 13:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 09:09 - 2014-04-07 09:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:09 - 2014-04-07 09:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-07 09:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-07 09:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:52 - 2014-04-07 10:54 - 00000000 ____D () C:\Update
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:43 - 2014-04-06 15:44 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-06 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-06 13:10 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-06 13:10 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:50 - 2014-04-07 13:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-06 12:50 - 2014-04-06 12:50 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 12:37 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-04-06 12:37 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-06 12:37 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-06 12:37 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-04-06 12:37 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-04-06 12:37 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:20 - 2014-04-06 16:52 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-06 08:12 - 2014-04-07 09:26 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-06 08:12 - 2014-04-06 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:08 - 2014-04-07 13:41 - 00000000 ____D () C:\Users\Coco\AppData\Local\Genesis
2014-04-06 08:08 - 2014-04-07 10:36 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-06 08:08 - 2014-04-06 19:01 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 07:51 - 2014-04-07 13:49 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-07 13:33 - 00000993 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:44 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt

==================== One Month Modified Files and Folders =======

2014-04-07 13:52 - 2014-04-07 12:46 - 00017378 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 13:52 - 2014-04-06 12:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 13:51 - 2014-04-07 12:46 - 00000000 ____D () C:\FRST
2014-04-07 13:51 - 2012-12-18 14:12 - 00000000 ____D () C:\ProgramData\MOCP
2014-04-07 13:49 - 2014-04-06 07:51 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-07 13:49 - 2012-12-18 13:53 - 01077177 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 13:48 - 2014-04-07 13:48 - 00000615 _____ () C:\Users\Coco\Desktop\JRT.txt
2014-04-07 13:42 - 2014-04-07 13:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-07 13:41 - 2014-04-07 13:41 - 01016261 _____ (Thisisu) C:\Users\Coco\Downloads\JRT.exe
2014-04-07 13:41 - 2014-04-06 08:08 - 00000000 ____D () C:\Users\Coco\AppData\Local\Genesis
2014-04-07 13:39 - 2014-04-07 09:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 13:35 - 2014-04-07 13:35 - 00000117 _____ () C:\Windows\system32\netcfg-40671.txt
2014-04-07 13:34 - 2014-04-07 13:34 - 00000117 _____ () C:\Windows\system32\netcfg-9778578.txt
2014-04-07 13:34 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 13:34 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-04-07 13:33 - 2014-04-07 13:30 - 00000000 ____D () C:\AdwCleaner
2014-04-07 13:33 - 2014-04-06 07:45 - 00000993 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-07 13:28 - 2014-04-07 13:28 - 01426178 _____ () C:\Users\Coco\Downloads\adwcleaner.exe
2014-04-07 13:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-07 12:47 - 2014-04-07 12:46 - 00030856 _____ () C:\Users\Coco\Downloads\Addition.txt
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 11:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-07 11:34 - 2014-04-07 11:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-07 11:32 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:54 - 2014-04-07 08:52 - 00000000 ____D () C:\Update
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-04-07 10:51 - 2012-08-03 04:22 - 00133916 _____ () C:\Windows\PFRO.log
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:50 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-07 10:47 - 2012-12-18 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 10:36 - 2014-04-06 08:08 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-07 10:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:55 - 2014-04-07 09:54 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:27 - 2012-12-18 13:53 - 00000000 ____R () C:\Windows\SysWOW64\npDeployJava1.dll
2014-04-07 09:26 - 2014-04-06 08:12 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 09:09 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:10 - 2014-04-07 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:53 - 2012-12-18 13:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 19:01 - 2014-04-06 08:08 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 19:01 - 2012-12-18 14:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-04-06 19:00 - 2012-12-18 14:24 - 00000000 ____D () C:\ProgramData\WildTangent
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 16:52 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 16:52 - 2012-07-26 09:21 - 00027564 _____ () C:\Windows\setupact.log
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:44 - 2014-04-06 15:43 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:43 - 2012-12-18 13:32 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 13:43 - 2012-12-18 13:32 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 13:43 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:37 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:50 - 2014-04-06 12:50 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-06 08:37 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-04-06 08:33 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:08 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-06 08:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:50 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:45 - 2012-12-18 13:56 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-04-06 07:45 - 2012-12-18 13:33 - 00000000 ____D () C:\Program Files\Sony
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:44 - 2012-12-18 14:09 - 00000000 ____D () C:\Windows\System32\Tasks\SONY
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt
2014-04-03 09:51 - 2014-04-07 09:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-07 09:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-07 09:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Coco\AppData\Local\Temp\avgnt.exe
C:\Users\Coco\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
C:\Users\Coco\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 04:22

==================== End Of Log ============================
--- --- ---

--- --- ---


Additional
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Coco at 2014-04-07 13:52:19
Running from C:\Users\Coco\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{E33003B9-6A0D-4126-BD67-6FC62D643501}) (Version: 3.4.0.1009 - AuthenTec, Inc.)
Avira (HKLM-x32\...\{8f29d204-f85e-4d8d-87b0-7ba66bffc1aa}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.5601.52 - CyberLink Corp.) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Genesis (HKCU\...\genesis) (Version:  - )
HQVid8.1b (HKLM-x32\...\HQVid8.1b) (Version: 1.34.3.28 - High-QualityV9)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA Grafiktreiber 305.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.46 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 305.46 (Version: 305.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Slim Toolbar 1.3 (HKLM-x32\...\Slim Toolbar) (Version: 1.3 - Anvisoft)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.0.08170 - Sony Corporation)
VAIO Care (HKLM\...\{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}) (Version: 8.0.0.08150 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.2.0.08150 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {100A7183-DECA-4D57-BE00-1CDA1154BAA7} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {35C02862-3B94-475F-96E2-0E494BA5E805} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {448A4AF3-FDC9-42CC-BF89-3C0715317C3E} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {5772C18D-1573-460B-9F68-49694A8E6459} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {74E6EC6E-BD61-4D2D-80D4-021B9FC85702} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {77702C72-6BDB-4A17-9F12-5B5B5DF7D21B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {874A7A8B-2313-4C40-BDC2-2B3EDD376D68} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {8A5A88B6-7362-4670-8ACA-67E1797D065A} - System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9D21D483-C3E9-42BE-85DB-760A7DFCFDBC} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {A1568F77-1509-4400-B935-8923D71749AE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AAEDCD55-3127-44C8-9EA9-3BC20A9D4B77} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {AEAF6004-9D12-4ABE-8F26-5B10C71EA82C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {AF8F7AD1-D2D5-440A-A618-448BAA2C6147} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {B3074028-0E7E-47AF-A6C5-95B18E584F96} - System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {BFB1F10C-0F1D-4C71-8697-CE18275A8164} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {C2F769DD-7AE9-402C-A1A2-A3BB264E20F9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6830585-CC87-4897-B58A-05C7AEC2630F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D71074CC-1B8D-47AB-88E0-10D7562D6DEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-06] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECD46B12-F954-46A9-82F2-C430EC41ABE5} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {F68C4030-D7DC-4443-ADA3-952049E14811} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {F8505402-74F1-4B6E-9B34-450CC71438B5} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FC1C9818-4879-4CC3-9CBF-F0F9C08F833A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {FFF08865-7C4B-4A04-AD6C-E1BDC89C44B1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2012-08-06 11:28 - 2012-08-06 11:28 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-21 21:01 - 2012-08-21 03:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 11:29 - 2012-08-06 11:29 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-04-06 15:47 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00063568 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-04-06 15:48 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\Coco\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-12-18 13:47 - 2012-07-24 03:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-12-18 14:20 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2014 01:51:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 2.5.0.244, Zeitstempel: 0x50220e70
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x13d0
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5


System errors:
=============
Error: (04/07/2014 01:52:20 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/07/2014 01:51:49 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/07/2014 01:51:19 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/07/2014 01:50:49 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/07/2014 01:50:19 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/07/2014 01:49:48 PM) (Source: DCOM) (User: VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (04/07/2014 01:51:15 PM) (Source: Application Error)(User: )
Description: devmonsrv.exe2.5.0.24450220e70unknown0.0.0.000000000c00000050000000013d001cf5255fd37f1c7C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeunknownec12a5de-be4a-11e3-be78-c8f73306d753


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8071.27 MB
Available physical RAM: 5689.82 MB
Total Pagefile: 12679.27 MB
Available Pagefile: 10015.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:895.46 GB) (Free:846.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Ja sind frische FRST logs.

cosinus 07.04.2014 13:19
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [genesis] - c:\users\coco\appdata\local\genesis\genesis.exe [2830336 2014-04-06] (Formosan)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
c:\users\coco\appdata\local\genesis

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Corina 07.04.2014 13:35
Hier die Fixlog

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Coco at 2014-04-07 14:30:00 Run:1
Running from C:\Users\Coco\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [genesis] - c:\users\coco\appdata\local\genesis\genesis.exe [2830336 2014-04-06] (Formosan)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
c:\users\coco\appdata\local\genesis
*****************

HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\Software\Microsoft\Windows\CurrentVersion\Run\\genesis => Value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.

"C:\Users\Coco\AppData\Local\Genesis" directory move:

C:\Users\Coco\AppData\Local\Genesis\Genesis.exe => Moved successfully.
C:\Users\Coco\AppData\Local\Genesis\genesis.gdb => Moved successfully.
C:\Users\Coco\AppData\Local\Genesis\genesis.gss => Moved successfully.
Could not move "C:\Users\Coco\AppData\Local\Genesis" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-07 14:33:18)<=

C:\Users\Coco\AppData\Local\Genesis => Moved successfully.

==== End of Fixlog ====

cosinus 07.04.2014 13:51
Ok. Frisches FRST Log bitte machen und posten

Corina 07.04.2014 14:01

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Coco (administrator) on VAIO on 07-04-2014 14:59:15
Running from C:\Users\Coco\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AT Service signup] - c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4172602817-1105754241-2977795870-1002\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-08-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-08-29] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {FA05A302-AD18-4859-9E4E-CD84E89DD6C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {D7C0CDEF-3515-411B-950F-10048ADA6973} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {FA05A302-AD18-4859-9E4E-CD84E89DD6C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Coco\AppData\Roaming\Mozilla\Firefox\Profiles\p0yecuk7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 astsvr; C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [119504 2014-03-03] (Anvisoft)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 14:31 - 2014-04-07 14:31 - 00000117 _____ () C:\Windows\system32\netcfg-47078.txt
2014-04-07 14:30 - 2014-04-07 14:30 - 00000117 _____ () C:\Windows\system32\netcfg-3341125.txt
2014-04-07 14:28 - 2014-04-07 14:26 - 00000253 _____ () C:\Fixlist.txt
2014-04-07 14:25 - 2014-04-07 14:26 - 00000253 _____ () C:\Users\Coco\Desktop\Fixlist.txt
2014-04-07 14:12 - 2014-04-07 14:13 - 00000000 ____D () C:\Users\Coco\AppData\Local\Adobe
2014-04-07 13:48 - 2014-04-07 13:48 - 00000615 _____ () C:\Users\Coco\Desktop\JRT.txt
2014-04-07 13:42 - 2014-04-07 13:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-07 13:41 - 2014-04-07 13:41 - 01016261 _____ (Thisisu) C:\Users\Coco\Downloads\JRT.exe
2014-04-07 13:35 - 2014-04-07 13:35 - 00000117 _____ () C:\Windows\system32\netcfg-40671.txt
2014-04-07 13:34 - 2014-04-07 13:34 - 00000117 _____ () C:\Windows\system32\netcfg-9778578.txt
2014-04-07 13:30 - 2014-04-07 13:33 - 00000000 ____D () C:\AdwCleaner
2014-04-07 13:28 - 2014-04-07 13:28 - 01426178 _____ () C:\Users\Coco\Downloads\adwcleaner.exe
2014-04-07 12:46 - 2014-04-07 14:59 - 00017487 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 12:46 - 2014-04-07 14:59 - 00000000 ____D () C:\FRST
2014-04-07 12:46 - 2014-04-07 13:52 - 00022354 _____ () C:\Users\Coco\Downloads\Addition.txt
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 11:33 - 2014-04-07 11:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 09:55 - 2014-04-07 10:37 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:54 - 2014-04-07 09:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 14:33 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 09:09 - 2014-04-07 09:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:09 - 2014-04-07 09:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-07 09:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-07 09:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:52 - 2014-04-07 10:54 - 00000000 ____D () C:\Update
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-06 15:47 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:44 - 2014-04-06 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:43 - 2014-04-06 15:44 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-06 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-06 13:10 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-06 13:10 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:50 - 2014-04-07 14:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-06 12:50 - 2014-04-07 14:13 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 12:37 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-04-06 12:37 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-06 12:37 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-06 12:37 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-04-06 12:37 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-04-06 12:37 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:20 - 2014-04-06 16:52 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-06 08:12 - 2014-04-07 09:26 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-06 08:12 - 2014-04-06 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:12 - 2014-04-06 08:23 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:08 - 2014-04-07 14:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 08:08 - 2014-04-07 10:36 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-06 07:51 - 2014-04-07 14:38 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-07 13:33 - 00000993 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:44 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:43 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-06 07:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt

==================== One Month Modified Files and Folders =======

2014-04-07 14:59 - 2014-04-07 12:46 - 00017487 _____ () C:\Users\Coco\Downloads\FRST.txt
2014-04-07 14:59 - 2014-04-07 12:46 - 00000000 ____D () C:\FRST
2014-04-07 14:58 - 2012-12-18 14:12 - 00000000 ____D () C:\ProgramData\MOCP
2014-04-07 14:55 - 2012-12-18 13:53 - 01670355 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 14:52 - 2014-04-06 12:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 14:38 - 2014-04-06 07:51 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4172602817-1105754241-2977795870-1002
2014-04-07 14:33 - 2014-04-07 09:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 14:31 - 2014-04-07 14:31 - 00000117 _____ () C:\Windows\system32\netcfg-47078.txt
2014-04-07 14:31 - 2014-04-06 08:08 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-07 14:30 - 2014-04-07 14:30 - 00000117 _____ () C:\Windows\system32\netcfg-3341125.txt
2014-04-07 14:30 - 2012-08-03 04:22 - 00134240 _____ () C:\Windows\PFRO.log
2014-04-07 14:30 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-07 14:30 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 14:26 - 2014-04-07 14:28 - 00000253 _____ () C:\Fixlist.txt
2014-04-07 14:26 - 2014-04-07 14:25 - 00000253 _____ () C:\Users\Coco\Desktop\Fixlist.txt
2014-04-07 14:13 - 2014-04-07 14:12 - 00000000 ____D () C:\Users\Coco\AppData\Local\Adobe
2014-04-07 14:13 - 2014-04-06 12:50 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-07 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-07 13:52 - 2014-04-07 12:46 - 00022354 _____ () C:\Users\Coco\Downloads\Addition.txt
2014-04-07 13:48 - 2014-04-07 13:48 - 00000615 _____ () C:\Users\Coco\Desktop\JRT.txt
2014-04-07 13:42 - 2014-04-07 13:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-07 13:41 - 2014-04-07 13:41 - 01016261 _____ (Thisisu) C:\Users\Coco\Downloads\JRT.exe
2014-04-07 13:35 - 2014-04-07 13:35 - 00000117 _____ () C:\Windows\system32\netcfg-40671.txt
2014-04-07 13:34 - 2014-04-07 13:34 - 00000117 _____ () C:\Windows\system32\netcfg-9778578.txt
2014-04-07 13:34 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-04-07 13:33 - 2014-04-07 13:30 - 00000000 ____D () C:\AdwCleaner
2014-04-07 13:33 - 2014-04-06 07:45 - 00000993 _____ () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-07 13:28 - 2014-04-07 13:28 - 01426178 _____ () C:\Users\Coco\Downloads\adwcleaner.exe
2014-04-07 12:44 - 2014-04-07 12:44 - 02157056 _____ (Farbar) C:\Users\Coco\Downloads\FRST64.exe
2014-04-07 11:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-07 11:34 - 2014-04-07 11:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:33 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-07 11:32 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-07 10:54 - 2014-04-07 10:54 - 00000117 _____ () C:\Windows\system32\netcfg-202140.txt
2014-04-07 10:54 - 2014-04-07 08:52 - 00000000 ____D () C:\Update
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 10:51 - 2012-12-18 13:54 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-04-07 10:50 - 2014-04-07 10:50 - 00000117 _____ () C:\Windows\system32\netcfg-652062.txt
2014-04-07 10:50 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-07 10:47 - 2012-12-18 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-07 10:38 - 2014-04-07 10:38 - 00000117 _____ () C:\Windows\system32\netcfg-126609.txt
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f.job
2014-04-07 10:37 - 2014-04-07 09:55 - 00000518 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091.job
2014-04-07 10:36 - 2014-04-07 10:36 - 00000117 _____ () C:\Windows\system32\netcfg-75537812.txt
2014-04-07 10:36 - 2014-04-06 08:08 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1b
2014-04-07 10:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-07 09:55 - 2014-04-07 09:55 - 00003562 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task dd25d916-f8b1-4199-a25e-43b9cb6fed5f
2014-04-07 09:55 - 2014-04-07 09:55 - 00003480 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d707e9fb-f344-4de0-a5ff-414c12b0d091
2014-04-07 09:55 - 2014-04-07 09:55 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
2014-04-07 09:55 - 2014-04-07 09:54 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-07 09:54 - 2014-04-07 09:54 - 18577712 _____ (SUPERAntiSpyware) C:\Users\Coco\Downloads\SUPERAntiSpyware.exe
2014-04-07 09:54 - 2014-04-07 09:54 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-04-07 09:54 - 2014-04-07 09:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-07 09:27 - 2012-12-18 13:53 - 00000000 ____R () C:\Windows\SysWOW64\npDeployJava1.dll
2014-04-07 09:26 - 2014-04-06 08:12 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00001185 _____ () C:\Users\Public\Desktop\Slim Toolbar.lnk
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Users\Coco\AppData\Local\Anvisoft
2014-04-07 09:25 - 2014-04-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-04-07 09:24 - 2014-04-07 09:24 - 10039608 _____ () C:\Users\Coco\Downloads\astsetup.exe
2014-04-07 09:10 - 2014-04-07 09:09 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 09:10 - 2014-04-07 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 09:09 - 2014-04-07 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 09:08 - 2014-04-07 09:08 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Coco\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-07 09:07 - 2014-04-07 09:07 - 00709352 _____ ( ) C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
2014-04-07 09:02 - 2014-04-07 09:02 - 00000000 ____D () C:\Users\Coco\Downloads\adblockplus-2.5.1
2014-04-07 09:00 - 2014-04-07 09:00 - 01915176 _____ () C:\Users\Coco\Downloads\winrar-x64-51b2.exe
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-07 09:00 - 2014-04-07 09:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-07 08:58 - 2014-04-07 08:58 - 00907018 _____ () C:\Users\Coco\Downloads\adblockplus-2.5.1.zip
2014-04-07 08:53 - 2012-12-18 13:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-07 08:45 - 2014-04-07 08:45 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68723359.txt
2014-04-07 08:42 - 2014-04-07 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-68722531.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26644406.txt
2014-04-06 21:01 - 2014-04-06 21:01 - 00000117 _____ () C:\Windows\system32\netcfg-26640859.txt
2014-04-06 19:02 - 2014-04-06 19:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-06 19:01 - 2012-12-18 14:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-04-06 19:00 - 2012-12-18 14:24 - 00000000 ____D () C:\ProgramData\WildTangent
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094468.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19094343.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19069296.txt
2014-04-06 18:55 - 2014-04-06 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-19067828.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14815234.txt
2014-04-06 17:44 - 2014-04-06 17:44 - 00000117 _____ () C:\Windows\system32\netcfg-14812234.txt
2014-04-06 16:52 - 2014-04-06 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-06 16:52 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Apple Computer
2014-04-06 16:52 - 2012-07-26 09:21 - 00027564 _____ () C:\Windows\setupact.log
2014-04-06 15:49 - 2014-04-06 15:49 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Avira
2014-04-06 15:47 - 2014-04-06 15:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-06 15:44 - 2014-04-06 15:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-06 15:44 - 2014-04-06 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 15:44 - 2014-04-06 15:43 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Users\Coco\Downloads\avira_de_av___ws.exe
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6831265.txt
2014-04-06 15:30 - 2014-04-06 15:30 - 00000117 _____ () C:\Windows\system32\netcfg-6823703.txt
2014-04-06 14:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-06 14:21 - 2014-04-06 14:21 - 00000117 _____ () C:\Windows\system32\netcfg-2677812.txt
2014-04-06 13:43 - 2012-12-18 13:32 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 13:43 - 2012-12-18 13:32 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 13:43 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 13:41 - 2014-04-06 13:41 - 00000117 _____ () C:\Windows\system32\netcfg-254484.txt
2014-04-06 13:38 - 2014-04-06 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-105859.txt
2014-04-06 13:37 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 13:26 - 2014-04-06 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-20999296.txt
2014-04-06 12:52 - 2014-04-06 12:52 - 00000000 ____D () C:\Users\Coco\AppData\Local\Macromedia
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17382328.txt
2014-04-06 12:26 - 2014-04-06 12:26 - 00000117 _____ () C:\Windows\system32\netcfg-17380703.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256125.txt
2014-04-06 08:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-250250.txt
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Programme
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-06 08:37 - 2014-04-06 08:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-06 08:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-06 08:37 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-04-06 08:33 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3257312.txt
2014-04-06 08:30 - 2014-04-06 08:30 - 00000117 _____ () C:\Windows\system32\netcfg-3254890.txt
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Mozilla
2014-04-06 08:23 - 2014-04-06 08:12 - 00000000 ____D () C:\Users\Coco\AppData\Local\Mozilla
2014-04-06 08:20 - 2014-04-06 08:20 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Users\Coco\AppData\Local\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 08:20 - 2014-04-06 08:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 08:12 - 2014-04-06 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-06 08:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-06 07:50 - 2014-04-06 07:50 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Macromedia
2014-04-06 07:50 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Sony Corporation
2014-04-06 07:48 - 2014-04-06 07:48 - 00000000 ____D () C:\Users\Coco\AppData\Local\Sony Corporation
2014-04-06 07:47 - 2014-04-06 07:47 - 00000000 ____D () C:\Users\Coco\AppData\Local\Intel_Corporation
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ___RD () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-06 07:45 - 2014-04-06 07:45 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Adobe
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\Packages
2014-04-06 07:45 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco
2014-04-06 07:45 - 2012-12-18 13:56 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-04-06 07:45 - 2012-12-18 13:33 - 00000000 ____D () C:\Program Files\Sony
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Windows\pss
2014-04-06 07:44 - 2014-04-06 07:44 - 00000000 ____D () C:\Users\Coco\AppData\Local\Power2Go8
2014-04-06 07:44 - 2012-12-18 14:09 - 00000000 ____D () C:\Windows\System32\Tasks\SONY
2014-04-06 07:43 - 2014-04-06 07:43 - 00000020 ___SH () C:\Users\Coco\ntuser.ini
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Vorlagen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Startmenü
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Netzwerkumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Lokale Einstellungen
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Eigene Dateien
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Druckumgebung
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Musik
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Documents\Eigene Bilder
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Verlauf
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\AppData\Local\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 _SHDL () C:\Users\Coco\Anwendungsdaten
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Roaming\Intel
2014-04-06 07:43 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\Coco\AppData\Local\VirtualStore
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-06 07:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-335250.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000117 _____ () C:\Windows\system32\netcfg-334609.txt
2014-04-06 07:41 - 2014-04-06 07:41 - 00000000 ____D () C:\Windows\CSC
2014-04-06 07:40 - 2014-04-06 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-256171.txt
2014-04-06 07:40 - 2014-04-06 07:40 - 00000117 _____ () C:\Windows\system32\netcfg-259187.txt
2014-04-03 09:51 - 2014-04-07 09:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-07 09:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-07 09:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Coco\AppData\Local\Temp\avgnt.exe
C:\Users\Coco\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe
C:\Users\Coco\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 04:22

==================== End Of Log ============================
--- --- ---

cosinus 07.04.2014 14:43
Ok, Kontrollscan mit MBAM und ESET bitte

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Corina 07.04.2014 16:29
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.04.2014
Suchlauf-Zeit: 16:05:10
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.07.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Coco

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 272864
Verstrichene Zeit: 11 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7f17ee25be00a047a2d4e4b20b3f8143
# engine=17781
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-07 02:26:44
# local_time=2014-04-07 04:26:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 6101 3563140 0 0
# compatibility_mode=5893 16776574 100 94 41050464 56386915 0 0
# scanned=3421
# found=0
# cleaned=0
# scan_time=945
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7f17ee25be00a047a2d4e4b20b3f8143
# engine=17784
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-07 02:30:52
# local_time=2014-04-07 04:30:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 6349 3563388 0 0
# compatibility_mode=5893 16776574 100 94 41050712 56387163 0 0
# scanned=2825
# found=0
# cleaned=0
# scan_time=193
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7f17ee25be00a047a2d4e4b20b3f8143
# engine=17784
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-07 03:27:49
# local_time=2014-04-07 05:27:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 9766 3566805 2538 0
# compatibility_mode=5893 16776574 100 94 41054129 56390580 0 0
# scanned=281955
# found=2
# cleaned=0
# scan_time=3360
sh=650A139860FA937009C3D824BA2AB83D20B5DFE8 ft=1 fh=c71c001110b3f691 vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Coco\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe"
sh=650A139860FA937009C3D824BA2AB83D20B5DFE8 ft=1 fh=c71c001110b3f691 vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Coco\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.0.1000.exe"

cosinus 07.04.2014 22:25
Wieso lädst du Malwarebytes bei der BILD runter...gerade solche Downloadportale versuchen in letzter Zeit massivst Adware untrzujubeln! :pfui:

Lösche die Setups. Allgemein auch mal den Download-Ordner leeren, es gibt keinen Grund da Sachen bis in die Ewigkeit verschimmeln zu lassen, was wichtig ist sollte IMHO woanders hin wegsortiert werden.

TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:27 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131