Very slow


  • This topic is locked

#1
l.mart


Hello,

Starting about a week ago, my Sony Vaio, running Windows 7, has slowed down considerably. Webpages and programs take ages to load and the laptop in general is very laggy. I've run AVG and SuperAntiSpyware and nothing improved. Any help would be greatly appreciated.

Thanks in advance.




#2
zep516


    Trusted Helper

  • Malware Removal
  • 6,803 posts

Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)

Everything gets downloaded to the desktop and tools are "Run as administrator."

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



#3
l.mart


Hi zep,

Thanks for the fast reply.

Here is the FRST log:


Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von lmar (Administrator) auf LMAR-VAIO (14-11-2016 17:14:08)
Gestartet von C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178
Geladene Profile: lmar & Admin & postgres (Verfügbare Profile: lmar & Admin & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ClearCanvas Inc.) C:\Program Files\ClearCanvas\ClearCanvas Workstation\ClearCanvas.Server.ShredHostService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Innovative Digital Technologies) C:\Users\lmar\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Hola Networks Ltd.) C:\Users\lmar\AppData\Local\Hola\local\app\hola.exe
(Spotify Ltd) C:\Users\lmar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\ProgramData\Avg_Update_0415tb\0415tb_{5D48FFBF-9788-489C-9036-433ED6D11095}.exe
(Dropbox, Inc.) C:\Users\lmar\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
() C:\Users\lmar\AppData\Local\Autobahn\nexdef.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Hola Networks Ltd.) C:\Users\lmar\AppData\Local\Hola\local\app\hola_updater.exe
(Innovative Digital Technologies) C:\Users\lmar\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Hola Networks Ltd.) C:\Users\lmar\AppData\Local\Hola\local\app\hola_svc.exe
() C:\Users\lmar\AppData\Roaming\ACEStream\updater\ace_update.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcfgex.exe
 
 
==================== Registry (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-09-29] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-11-03] (SUPERAntiSpyware)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [360Amigo] => C:\Program files\360Amigo\360Amigo.exe [5335328 2012-01-15] (360Amigo)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [Dropbox Update] => C:\Users\lmar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [AceStream] => C:\Users\lmar\AppData\Roaming\ACEStream\engine\ace_engine.exe [28024 2016-10-20] (Innovative Digital Technologies)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [hola] => C:\Users\lmar\AppData\Local\Hola\local\app\hola.exe [2033792 2016-04-27] (Hola Networks Ltd.)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [Spotify Web Helper] => C:\Users\lmar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-10-26] (Spotify Ltd)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [Spotify] => C:\Users\lmar\AppData\Roaming\Spotify\Spotify.exe [7039088 2016-10-26] (Spotify Ltd)
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Run: [AvgUpdater0415tb] => C:\ProgramData\Avg_Update_0415tb\0415tb_{5D48FFBF-9788-489C-9036-433ED6D11095}.exe [2829848 2015-05-12] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2011-11-19]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk [2012-04-15]
ShortcutTarget: NexDef Plug-in.lnk -> C:\Users\lmar\AppData\Local\Autobahn\nexdef.exe ()
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0E0086C3-95B6-4015-8BE1-BF377815799B}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{2988250E-8C52-4F6C-ABD4-0A132CBD2FE6}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{324DAA21-1EB5-40A3-808B-C6821D7120F8}: [DhcpNameServer] 10.74.210.210
Tcpip\..\Interfaces\{539FB607-AD3C-4677-A624-68B95367772C}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: [NameServer] 89.41.60.38,95.169.183.219
Tcpip\..\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: [DhcpNameServer] 192.168.178.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {2A7B3037-4954-4620-97E9-10730459224B} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {B76D0BAE-CADC-49CF-9981-5B0416E34FD4} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {DD0F6097-3D99-4325-83A9-F62828014CDB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {8F6288F2-2BCF-4E76-A446-855E24C70C55} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {E59B37B1-5A0F-43FD-876C-E1A8B17A444C} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Kein Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> Keine Datei
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-18] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-09-29] (AVG)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-18] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Keine Datei
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-01-28] (AVG Secure Search)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default [2016-11-14]
FF user.js: detected! => C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\user.js [2012-03-07]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\r6indgd7.default -> AVG Secure Search
FF Homepage: Mozilla\Firefox\Profiles\r6indgd7.default -> hxxps://mysearch.avg.com?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF NetworkProxy: Mozilla\Firefox\Profiles\r6indgd7.default -> no_proxies_on", ""
FF Extension: (AVG Web TuneUp) - C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\Extensions\[email protected] [2016-09-29]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2016-10-03]
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-16] [ist nicht signiert]
FF SearchPlugin: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\searchplugins\avg-secure-search.xml [2016-11-14]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\lmar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Stream Web Extension) - C:\Users\lmar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2015-12-18]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-09-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-10-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin HKU\S-1-5-21-2257400672-1811914005-1587198597-1000: @acestream.net/acestreamplugin,version=3.1.2 -> C:\Users\lmar\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2257400672-1811914005-1587198597-1000: @hola.org/FlashPlayer -> C:\Users\lmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-01-20] ()
FF Plugin HKU\S-1-5-21-2257400672-1811914005-1587198597-1000: @hola.org/vlc -> C:\Users\lmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-01-20] (Hola)
FF Plugin HKU\S-1-5-21-2257400672-1811914005-1587198597-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lmar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-11-02] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-03] (vShare.tv )
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default [2016-11-07]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-09-28]
CHR Extension: (Ace Stream Web Extension) - C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2009-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-04]
CHR HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\lmar\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-10-31]
 
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-11] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [Datei ist nicht signiert]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 ClearCanvas Workstation ShredHost Service; C:\Program Files\ClearCanvas\ClearCanvas Workstation\ClearCanvas.Server.ShredHostService.exe [9216 2012-09-03] (ClearCanvas Inc.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [Datei ist nicht signiert]
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [81920 2013-04-02] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-09-29] (AVG Secure Search)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-27] ()
 
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows ® Codename Longhorn DDK provider)
R1 AmgHips; C:\Windows\System32\Drivers\AmgHips.sys [31008 2012-01-15] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2014-08-12] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [38664 2013-04-29] (Spotflux, Inc)
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-11-14 17:13 - 2016-11-14 17:14 - 00000000 ____D C:\FRST
2016-11-14 17:12 - 2016-11-14 17:12 - 02411520 _____ (Farbar) C:\Users\lmar\Desktop\FRST64.exe
2016-11-14 16:47 - 2016-11-14 16:47 - 00000000 ___RD C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-11-14 10:57 - 2016-11-14 10:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2016-11-12 17:25 - 2016-11-12 17:25 - 00000000 ____D C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 17:15 - 2016-11-10 17:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TuneUp Software
2016-11-10 17:14 - 2016-11-10 17:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG
2016-11-10 17:09 - 2016-11-14 11:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg
2016-11-10 17:08 - 2016-11-10 18:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2016-11-10 17:08 - 2016-11-10 17:19 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2016-11-10 17:08 - 2016-11-10 17:09 - 00002251 _____ C:\Users\Admin\Desktop\Google Chrome.lnk
2016-11-10 17:08 - 2016-11-10 17:09 - 00000000 ____D C:\Users\Admin\AppData\Local\AVG Web TuneUp
2016-11-10 17:08 - 2016-11-10 17:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2016-11-08 13:52 - 2016-11-08 13:52 - 00160605 _____ C:\Users\lmar\Downloads\Neuroseminare-Themen-WS16_17 C1.pdf
2016-11-06 14:35 - 2016-11-06 14:35 - 00085459 _____ C:\Users\lmar\Downloads\checkliste_Äquivalenzantrag_pj_ausland_tum_medizin.pdf
2016-11-06 11:43 - 2016-11-06 11:43 - 00088605 _____ C:\Users\lmar\Downloads\anerkannte_lehrkrankenhäuser_im_ausland_stand_aug._2016.pdf
2016-11-05 15:30 - 2016-11-05 15:30 - 74341828 _____ C:\Users\lmar\Downloads\FINALGLOW.wav
2016-11-03 10:25 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-03 10:25 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-03 10:25 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-03 10:25 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-03 10:24 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-03 10:24 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-03 10:24 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-03 10:24 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-03 10:24 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-03 10:24 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-03 10:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-03 10:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-03 10:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-03 10:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-02 20:29 - 2016-11-02 20:29 - 00408687 _____ C:\Users\lmar\Downloads\20151028-frank-sekursachen.pdf
2016-10-25 11:07 - 2016-10-25 11:08 - 00000000 ____D C:\Users\lmar\Desktop\Seminarmaterial Neurophys 2016_17 _studenten
2016-10-24 16:34 - 2016-10-24 16:35 - 154693118 _____ C:\Users\lmar\Downloads\Seminarmaterial Neurophys 2016_17.zip
2016-10-24 16:34 - 2016-10-24 16:34 - 03978985 _____ C:\Users\lmar\Downloads\Skript Prakt 5 w2016-17-1.pdf
2016-10-24 16:33 - 2016-10-24 16:33 - 05235138 _____ C:\Users\lmar\Downloads\praktikumsskript neurophys 2016.pdf
2016-10-19 14:13 - 2016-10-19 14:13 - 00267520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2016-10-17 19:50 - 2016-10-17 19:50 - 06386379 _____ C:\Users\lmar\Downloads\BIO - Mikrobiologie-Skript 2013.pdf
2016-10-17 19:48 - 2016-10-17 19:48 - 03994834 _____ C:\Users\lmar\Downloads\KursE.pdf
2016-10-17 18:59 - 2016-10-17 18:59 - 02070769 _____ C:\Users\lmar\Downloads\Skript Genetik SS16.pdf
2016-10-17 17:19 - 2016-10-17 17:19 - 00312576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-10-16 11:16 - 2016-10-16 11:16 - 00008662 _____ C:\Users\Public\Documents\stilkunst_millimeterpapier_grey.pdf
2016-10-15 17:55 - 2016-10-15 17:55 - 03723599 _____ C:\Users\lmar\Downloads\Lösung Hausi.pdf
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-11-14 17:05 - 2011-11-19 12:30 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{08D3C520-6E1F-405C-BFD0-B14DA70816C3}
2016-11-14 16:56 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-14 16:56 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 16:55 - 2013-03-21 19:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-14 16:54 - 2016-06-06 16:38 - 00000000 ____D C:\Users\lmar\AppData\Local\Spotify
2016-11-14 16:54 - 2015-06-26 09:13 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000UA.job
2016-11-14 16:53 - 2016-06-06 16:37 - 00000000 ____D C:\Users\lmar\AppData\Roaming\Spotify
2016-11-14 16:53 - 2014-03-13 20:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-14 16:52 - 2011-05-19 18:14 - 00698574 _____ C:\Windows\system32\perfh007.dat
2016-11-14 16:52 - 2011-05-19 18:14 - 00149016 _____ C:\Windows\system32\perfc007.dat
2016-11-14 16:52 - 2009-07-14 06:13 - 01617714 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-14 16:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-14 16:49 - 2013-03-30 20:06 - 00000000 ___RD C:\Users\lmar\Dropbox
2016-11-14 16:49 - 2012-05-07 16:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-14 16:48 - 2011-11-21 17:52 - 00000000 ____D C:\ProgramData\MFAData
2016-11-14 16:46 - 2014-03-13 20:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-14 16:46 - 2011-05-19 08:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-14 16:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-14 14:03 - 2011-11-20 01:40 - 00000000 ____D C:\Users\lmar\AppData\Local\CrashDumps
2016-11-14 11:22 - 2015-03-06 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-11-14 11:16 - 2016-01-17 14:59 - 00000000 ____D C:\Users\lmar\AppData\Roaming\.ACEStream
2016-11-14 11:08 - 2016-09-27 10:47 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-11-14 11:02 - 2011-12-10 13:10 - 00000000 ____D C:\Users\Admin\Documents\Bluetooth Folder
2016-11-14 10:56 - 2011-12-10 14:19 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-11-14 08:54 - 2015-06-26 09:13 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000Core.job
2016-11-13 10:05 - 2016-04-07 20:55 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-12 17:25 - 2013-03-30 20:03 - 00000000 ____D C:\Users\lmar\AppData\Roaming\Dropbox
2016-11-10 18:10 - 2011-12-10 13:10 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2016-11-10 17:09 - 2011-12-10 13:10 - 00073352 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-10 13:27 - 2014-10-20 19:07 - 00003870 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1381785092
2016-11-10 13:27 - 2013-10-14 22:11 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-10 13:20 - 2011-11-19 12:40 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-11-10 08:49 - 2015-06-26 09:13 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000UA
2016-11-10 08:49 - 2015-06-26 09:13 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000Core
2016-11-09 08:55 - 2016-04-07 20:55 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-09 08:55 - 2013-03-21 19:08 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-09 08:55 - 2013-03-21 19:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-09 08:55 - 2012-04-24 01:47 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-09 08:55 - 2011-11-26 12:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-09 08:55 - 2011-05-19 08:54 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-07 18:00 - 2011-11-19 12:30 - 00000000 ____D C:\Users\lmar\Documents\Bluetooth Folder
2016-11-03 21:09 - 2011-11-21 17:57 - 00000000 ____D C:\Users\lmar\Desktop\Comp Cleanup
2016-11-03 11:16 - 2014-01-24 13:11 - 00000000 ____D C:\Users\postgres
2016-11-03 09:46 - 2013-01-24 20:23 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2016-10-31 21:52 - 2015-11-21 22:05 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-10-31 21:52 - 2015-11-21 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-10-30 17:17 - 2016-01-17 15:04 - 00000000 ___HD C:\_acestream_cache_
2016-10-27 07:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-25 11:55 - 2014-03-13 20:03 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-19 12:38 - 2015-01-09 12:58 - 00000000 ____D C:\Program Files\CyberGhost 5
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2016-01-21 22:52 - 2016-01-21 22:52 - 0001704 _____ () C:\Users\lmar\AppData\Local\CyberGhost.key
2013-02-02 15:21 - 2013-02-02 15:21 - 0026900 _____ () C:\Users\lmar\AppData\Local\dt.dat
2012-10-20 16:29 - 2012-10-20 16:29 - 0001206 _____ () C:\Users\lmar\AppData\Local\recently-used.xbel
2015-05-22 12:15 - 2015-11-21 22:25 - 0007604 _____ () C:\Users\lmar\AppData\Local\Resmon.ResmonCfg
2011-11-20 03:52 - 2011-11-20 03:52 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-12-10 02:56 - 2011-12-10 02:56 - 0000187 _____ () C:\ProgramData\REGSVR32.EXE-x.txt
 
==================== Bamital & volsnap ======================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 
LastRegBack: 2016-10-25 13:47
 
==================== Ende von FRST.txt ============================
 
 
 
And here is the Addition:
 
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von lmar (14-11-2016 17:16:32)
Gestartet von C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-19 11:27:48)
Start-Modus: Normal
==========================================================
 
 
==================== Konten: =============================
 
Admin (S-1-5-21-2257400672-1811914005-1587198597-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2257400672-1811914005-1587198597-500 - Administrator - Disabled)
Gast (S-1-5-21-2257400672-1811914005-1587198597-501 - Limited - Disabled)
lmar (S-1-5-21-2257400672-1811914005-1587198597-1000 - Administrator - Enabled) => C:\Users\lmar
postgres (S-1-5-21-2257400672-1811914005-1587198597-1003 - Limited - Enabled) => C:\Users\postgres
 
==================== Sicherheits-Center ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installierte Programme ======================
 
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 
360Amigo System Speedup PRO (HKLM-x32\...\360Amigo) (Version: 1.2.1.7700 - 360Amigo System SpeedUp)
Ace Stream Media 3.1.2 (HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\AceStream) (Version: 3.1.2 - Ace Stream Media) <==== ACHTUNG
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
amide-1.0.3-1 (HKLM-x32\...\amide_is1) (Version:  - [email protected])
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.444 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVG (HKLM\...\AvgZen) (Version: 1.111.2.45832 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC)
Dropbox (HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
FM Genie Scout 15 version 1.0 15.3.2 beta 13 (HKLM-x32\...\FM Genie Scout 15_is1) (Version: 1.0 15.3.2 beta 13 - )
FM Genie Scout 16 version 1.0 16.3.1 (HKLM-x32\...\FM Genie Scout 16_is1) (Version: 1.0 16.3.1 - )
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Football Manager 2016 (HKLM-x32\...\Steam App 378120) (Version:  - SEGA)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hola™ 1.13.351 - Better Internet (HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Hola) (Version: 1.13.351 - Hola Networks Ltd.) <==== ACHTUNG
I-Doser 4.50 (HKLM-x32\...\I-Doser 4.50) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version:  - TCT Mobile Limited)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NexDef Plug-in (HKLM-x32\...\Autobahn) (Version:  - )
NVIDIA 3D Vision Treiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
Out of the Park Baseball 17 (HKLM\...\Steam App 402430) (Version:  - Out of the Park Developments)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.9 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rapture3D 2.4.9 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (3/14/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(3/26/2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (4/15/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Spotify (HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\Spotify) (Version: 1.0.41.375.g040056ca - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1136 - SUPERAntiSpyware.com)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ACHTUNG
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Vuze Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: 6.7.0.6 - Vuze Remote) <==== ACHTUNG
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XMedCon 0.11.0 (HKLM\...\XMedCon_is1) (Version:  - Erik Nolf)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.27_TME - ZTE Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\lmar\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {3B00959B-167D-44E4-A167-DDEBCF2EF838} - System32\Tasks\Opera scheduled Autoupdate 1381785092 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {3CB44FC4-39D7-4EE4-B5BA-7E25EAD77F93} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {4C35F3E5-5F3B-4127-89F0-C507D3D08BF5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000Core => C:\Users\lmar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4F44DF38-B124-4422-AB9E-8808A5E9FEC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {571102A0-B5EA-4674-BEB2-ADF95388CB02} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {5799407E-DEE8-44E5-8669-0E8152AC3D5E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {7606DF4D-A40E-484C-8426-902AC083050F} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {7620C6E6-5CAA-4FED-810D-4130DBE0C2AE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {76C26854-A97D-4978-9F05-CDA98740F2D4} - System32\Tasks\{6412662C-8DF4-48D4-BF20-ADFD4BB27F54} => pcalua.exe -a C:\Users\lmar\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7C937F9E-DAEB-4ECA-9F37-566C929945F5} - System32\Tasks\1015tbUpdateInfo => C:\ProgramData\Avg_Update_1015tb\1015tb_{C9919233-4C21-4AC1-9296-C128BBA0839D}.exe
Task: {88C28A1E-8231-4511-A028-1BB25B8E8117} - System32\Tasks\{BA77ABF7-B850-4CEB-8E5D-833FD737B091} => pcalua.exe -a C:\Users\lmar\Downloads\d3dx9.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9E4BD995-49F0-43EB-AA5E-D9EBC3606FF9} - System32\Tasks\{B87A62F5-C9E3-479A-BAD7-33640E5165B6} => pcalua.exe -a "C:\Program Files (x86)\I-Doser\Uninstal.exe" -d "C:\Program Files (x86)\I-Doser"
Task: {9E5BCAF9-E19D-47CA-B364-171C862DFA56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {A986EBE7-EAEB-4C9F-B8D1-468A54A513CF} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {B35746F6-E0EC-4991-88C8-464DCC1BBE2A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B43E0C55-9010-4C21-A9C2-40FB2E32FEA8} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {C71DC055-8643-4BA5-AC6F-20A5D79215C6} - \BackgroundContainer Startup Task -> Keine Datei <==== ACHTUNG
Task: {CE16ACDC-0DE4-42C8-931C-88B9C6B50B58} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000UA => C:\Users\lmar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {DE7C8671-96FA-4A8C-8EB4-81771D265A5C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {E4738DEE-B9D5-4531-9931-A9E01374EAB0} - System32\Tasks\launchspotflux => C:\Program Files (x86)\spotflux\.\spotflux.exe
Task: {E94EB9BE-A33F-4F90-ADE0-505A4E61E4EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {F6A5840D-1EFD-4857-9EE5-8C8BB4CE9856} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {F9E73133-B481-4828-ACB8-43D018CF783F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {FAC57A6C-D890-4F05-A1CD-A26C00DE8EFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
Task: C:\Windows\Tasks\1015tbUpdateInfo.job => C:\ProgramData\Avg_Update_1015tb\1015tb_{C9919233-4C21-4AC1-9296-C128BBA0839D}.exe
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000Core.job => C:\Users\lmar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2257400672-1811914005-1587198597-1000UA.job => C:\Users\lmar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Verknüpfungen =============================
 
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 
2015-03-22 13:09 - 2016-09-27 10:35 - 00980552 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2012-03-31 13:22 - 2012-03-11 13:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2015-07-28 13:16 - 2013-05-29 13:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-03 18:24 - 2012-09-03 18:24 - 01019904 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\common\DotNetMagic2005.dll
2012-09-03 18:24 - 2012-09-03 18:24 - 00733696 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\kdu_mni.dll
2012-09-03 18:24 - 2012-09-03 18:24 - 01348608 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\kdu_a64R.dll
2012-09-03 20:23 - 2012-09-03 20:23 - 00007680 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\ClearCanvas.Jscript.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 00677888 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkCommonDotNet.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 01674752 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkCommon.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 00249344 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtksys.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 00897536 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkFilteringDotNet.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 02187776 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkFiltering.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 00375296 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkImagingDotNet.dll
2012-07-30 20:02 - 2012-07-30 20:02 - 02426880 _____ () C:\Program Files\ClearCanvas\ClearCanvas Workstation\plugins\vtkImaging.dll
2014-12-07 18:27 - 2013-01-11 14:27 - 00051576 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-05-12 17:06 - 2015-05-12 17:06 - 02829848 _____ () C:\ProgramData\Avg_Update_0415tb\0415tb_{5D48FFBF-9788-489C-9036-433ED6D11095}.exe
2011-08-11 16:27 - 2011-08-11 16:27 - 15490560 ____N () C:\Users\lmar\AppData\Local\Autobahn\nexdef.exe
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-11-07 18:35 - 2016-09-29 23:12 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-11-10 07:54 - 2015-11-10 07:54 - 00027000 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\ace_update.exe
2011-11-26 12:44 - 2011-02-25 17:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-11-26 12:44 - 2011-02-25 17:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-01-24 13:08 - 2013-04-02 06:20 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-01-24 13:10 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2011-05-19 08:41 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-03-25 13:23 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 19:58 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-24 19:58 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 19:58 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-25 12:33 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-20 13:10 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-20 13:10 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-20 13:10 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-20 13:10 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-20 13:10 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-05-07 16:14 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-30 20:25 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-12-18 01:27 - 2016-10-20 11:34 - 00332288 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2015-04-16 13:27 - 2015-04-16 13:27 - 00018944 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00167424 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00035840 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\win32process.pyd
2014-01-23 12:37 - 2014-01-23 12:37 - 00036352 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2015-04-16 13:27 - 2015-04-16 13:27 - 02386432 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd
2015-12-18 01:24 - 2016-10-20 11:34 - 03054080 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2013-12-21 14:20 - 2013-12-21 14:20 - 00053248 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00106496 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2013-12-21 14:20 - 2013-12-21 14:20 - 00040448 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\select.pyd
2015-12-17 22:19 - 2016-05-19 00:37 - 00242792 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd
2015-04-16 13:29 - 2015-04-16 13:29 - 00112142 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 16:02 - 2011-02-13 16:02 - 00031232 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2015-12-18 01:46 - 2016-10-20 11:34 - 05037568 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00057344 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\_sqlite3.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00635392 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\sqlite3.dll
2016-05-20 12:20 - 2016-05-19 00:37 - 00014848 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\netifaces.pyd
2010-10-10 23:23 - 2010-10-10 23:23 - 00723968 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00082944 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2015-04-16 13:29 - 2015-04-16 13:29 - 00061952 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00066048 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2016-11-12 17:24 - 2016-10-10 17:29 - 00035792 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-11-12 17:25 - 2016-10-10 17:29 - 00145864 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-11-12 17:25 - 2016-10-10 17:29 - 00019408 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-11-12 17:25 - 2016-10-10 17:29 - 00116688 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-11-12 17:24 - 2016-10-10 17:29 - 00100296 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-11-12 17:24 - 2016-10-10 17:29 - 00018888 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\select.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00019760 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-11-12 17:24 - 2016-10-10 17:29 - 00694224 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-11-12 17:25 - 2016-11-07 23:58 - 00020816 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-11-12 17:24 - 2016-10-10 17:30 - 00123856 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-11-12 17:25 - 2016-11-07 23:58 - 01682760 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-11-12 17:25 - 2016-11-07 23:58 - 00020808 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00105928 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00021312 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00052024 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00038696 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-11-12 17:25 - 2016-10-10 17:29 - 00392144 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-11-12 17:25 - 2016-10-10 17:31 - 00020936 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00024528 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00116176 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00381752 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00124880 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00025424 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00175560 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00030160 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00043472 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00048592 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00057808 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-11-12 17:25 - 2016-11-07 23:58 - 00246592 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00026456 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-12 17:24 - 2016-10-10 17:30 - 00241104 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-11-12 17:25 - 2016-11-07 23:58 - 00020280 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00028616 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00023376 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00019776 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00350152 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00022352 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00024392 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-11-12 17:25 - 2016-10-10 17:27 - 00036296 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\librsync.dll
2016-11-12 17:25 - 2016-11-07 23:59 - 00084280 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-11-12 17:25 - 2016-11-07 23:59 - 01826096 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-11-12 17:24 - 2016-10-10 17:29 - 00083912 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\sip.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00531248 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 03928880 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 01972528 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00133424 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00224056 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00207672 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00020288 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-11-12 17:25 - 2016-10-10 17:33 - 00017864 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-11-12 17:25 - 2016-10-10 17:34 - 01631184 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-11-12 17:25 - 2016-11-07 23:59 - 00042808 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00168760 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00357680 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-11-12 17:24 - 2016-10-10 17:31 - 00060880 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-11-12 17:24 - 2016-11-07 23:59 - 00024904 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-12 17:25 - 2016-11-07 23:59 - 00546096 _____ () C:\Users\lmar\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2011-08-11 16:27 - 2011-08-11 16:27 - 00020480 _____ () C:\Users\lmar\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll
2011-08-11 16:27 - 2011-08-11 16:27 - 00069632 _____ () C:\Users\lmar\AppData\Local\Autobahn\rt\bin\java.dll
2011-08-11 16:27 - 2011-08-11 16:27 - 00126976 _____ () C:\Users\lmar\AppData\Local\Autobahn\rt\bin\zip.dll
2011-08-11 16:27 - 2011-08-11 16:27 - 00159744 _____ () C:\Users\lmar\AppData\Local\Autobahn\rt\jetrt\baseline720.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-11-21 22:04 - 2016-04-07 15:14 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-10-03 14:38 - 2016-10-20 11:34 - 00281600 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.jsplayer.pyd
2016-10-03 14:38 - 2016-10-01 19:50 - 00350720 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pyvlc.pyd
2015-08-06 13:30 - 2015-08-06 13:30 - 00164216 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\player\libtsplayer.dll
2015-08-06 13:30 - 2015-08-06 13:30 - 01968504 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\player\libtsplayercore.dll
2016-10-03 14:38 - 2016-10-11 16:32 - 00262760 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter2.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lmar\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2012-02-20 11:24 - 2012-02-20 11:24 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\6757c464008933b71ed8418695cb7638\IsdiInterop.ni.dll
2011-05-19 08:28 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2016-10-19 12:33 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-11-10 13:27 - 2016-11-10 13:26 - 66023632 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\opera.dll
2016-11-10 13:27 - 2016-11-10 13:26 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libglesv2.dll
2016-11-10 13:27 - 2016-11-10 13:26 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libegl.dll
 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
IE trusted site: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\...\hola.org -> hxxp://hola.org
 
==================== Hosts Inhalt: ===============================
 
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 
2009-07-14 03:34 - 2011-12-10 20:59 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1       localhost
 
==================== Andere Bereiche ============================
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lmar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.41.60.38 - 95.169.183.219
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
FirewallRules: [{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}] => (Allow) LPort=2869
FirewallRules: [{AA7F2292-833E-4165-A79B-17E7EB54B88F}] => (Allow) LPort=1900
FirewallRules: [{666625D3-9F5E-44F4-95C9-5E5BE23365E3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{71EDB291-9858-4A48-9B1D-8F92FF045CE6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{482F6170-7B8B-402A-BF32-2B895AC6A46E}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{E62CA926-245A-424E-8550-6387A02D7A02}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{819C2ABF-F251-448B-A6E9-746012E30D5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{28325DD3-34EB-4A50-96D7-93C1B58EB546}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{365EB397-E316-45C5-8363-D224FD5EB588}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C5FEFA8-8180-4C7D-AABA-A697006A4A59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C76DB57-4285-49A1-AA8A-7D6D4BEC299B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9A508635-CC8B-48E2-82DA-D3791022D052}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8978AF11-4B86-4DE8-B606-6554812850F7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{28FE8384-E0FF-4EB4-B48B-E17FBA8DCEB3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{DBAEA134-C2F8-41D4-8713-21BA8ABEC5BA}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1387472C-B226-4FAB-ADE1-EC3E2A7B23F9}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{74137645-8677-4281-B79A-71C306550E10}] => (Allow) C:\Users\lmar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{84CC3129-6CBF-4297-A020-DC7F30E8C7A2}] => (Allow) C:\Users\lmar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1E839ECF-DFDB-4113-A5F4-7242C0EEE4FC}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{EAD4D6C3-D355-47DE-9F84-C48A21F948C6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{2C8D0505-BB52-4C17-A5AC-2A94B6FCA508}] => (Allow) LPort=5432
FirewallRules: [{FD3ACB4D-2B60-4289-9B7E-0A1CAE511953}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6EB6AEB1-9FB9-4B55-B121-201DB5FCABDF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4216ADDB-EA01-41A1-9B02-C6FEB90D84EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C47E38A9-9319-46CC-81FC-13F85917AB62}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BFCE9212-ACAA-4939-B68D-15402B3AAA34}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7D82FF0C-7433-4FEA-9132-F82C99B9B273}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4A8E0E89-CD2A-4C2E-8EEB-ED548F858127}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{EC471EA7-347C-4B7B-9F5B-7894C2CCD0CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1A52C790-7141-440D-88FE-92AEA0BAB813}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{182C9486-E211-44D4-8CE3-7375FB234E2D}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{17547348-46E6-4822-B536-43FA5F036EDE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C51717A0-EF8C-47EF-B89F-E34001824C42}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3D2C973-9C4E-4856-ADBE-72FAAC4087B5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{0ED77360-8068-4A0C-ABC7-CE4A2B207184}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C2C12C08-671B-494C-8E04-D678AFA7C5CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{8B7DFEB8-FE72-4A03-87D8-BCE16A7C03A0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9ED52BC4-30C1-48AD-A935-F6D5E7F7A5D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{B562F523-6054-4DE9-B47A-1B476C1E0B82}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{E74E1E77-4F40-48C6-9007-FD649F2F26B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{C0ADD7F7-62A4-471F-8129-AB3968EA3B02}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{E9976399-6B4A-44CC-8869-6B03BF14DCC1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{63204F7D-8849-4451-BE24-220471AB70DF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2D6DDC6B-D85E-4F24-BA1F-56C6590A573D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{28765D61-3DFF-48DB-B996-A2DFC291D9AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{D73BEE16-91C7-4B08-9D7C-67873BA83583}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{A8892007-2061-40F3-9441-1B13E156D1DB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{9262F8EF-BA1F-45C0-BB49-E601F0FF5F1B}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{312BBA2D-0D20-4BE9-BA45-639FDBD0939C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{3AF84FB3-403C-47F6-A085-55C723959F17}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{23DE072C-6579-4D7E-ACF7-C10610E2573C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{378E9E61-2C0F-4994-821F-420037BF3D7C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{5D5F0BB8-DCDE-4E13-830C-DA1B5AA7E564}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{763046D9-AC9D-45FD-8A64-76E2DA73DF4F}C:\users\lmar\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\lmar\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{8ECE422A-E7AB-4927-9AC3-B9A833C6292A}C:\users\lmar\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\lmar\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{675F7AAE-79E9-4ECF-ABF8-EC1E745A24E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{D8981458-97A3-473E-AE10-00F9A4F41706}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{8737D282-E83A-49C9-9758-A3B30F7F5470}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Out of the Park Baseball 17\ootp17.exe
FirewallRules: [{228BDBBB-9D67-4112-AE83-3476C3737DF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Out of the Park Baseball 17\ootp17.exe
FirewallRules: [TCP Query User{DE2BCD23-E3E9-4E76-8CCB-2D38B133CCF2}C:\users\lmar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lmar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AFE38CE5-AFD4-49F7-8E57-10AA2B4902F2}C:\users\lmar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lmar\appdata\roaming\spotify\spotify.exe
FirewallRules: [{52D25F07-42E0-4C91-8478-496D05E1B745}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA023091-8AAB-49E9-87DE-077CA1E7D745}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{894E1873-0375-4B5B-B13E-079894032AD5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{DF9A978C-55BE-40A1-9404-103BC29E6AEC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F1E898C8-0822-4438-B5B8-2225438F7657}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
 
==================== Wiederherstellungspunkte =========================
 
26-10-2016 19:08:06 Geplanter Prüfpunkt
02-11-2016 22:39:04 Geplanter Prüfpunkt
03-11-2016 10:24:17 Windows Update
 
==================== Fehlerhafte Geräte im Gerätemanager =============
 
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
 
Applikationsfehler:
==================
Error: (11/14/2016 04:56:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.
 
Error: (11/14/2016 04:48:45 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
Error: (11/14/2016 04:47:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
Error: (11/14/2016 04:46:59 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1818}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).
 
Error: (11/14/2016 04:46:59 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1818}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'http://c2r.microsoft....7167.5001.sft'herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).
 
Error: (11/14/2016 04:46:14 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2016-11-14 16:46:14 CETFATAL:  the database system is starting up
 
Error: (11/14/2016 04:46:10 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2016-11-14 16:46:10 CETFATAL:  the database system is starting up
 
Error: (11/14/2016 02:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fm.exe, Version: 16.3.2.0, Zeitstempel: 0x5787ab5c
Name des fehlerhaften Moduls: fm.exe, Version: 16.3.2.0, Zeitstempel: 0x5787ab5c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0089b1e7
ID des fehlerhaften Prozesses: 0xa28
Startzeit der fehlerhaften Anwendung: 0x01d23e6274ba890d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016\fm.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016\fm.exe
Berichtskennung: c63fc6bf-aa6a-11e6-9ef3-90004ec39e28
 
Error: (11/14/2016 11:38:58 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.
 
Error: (11/14/2016 11:31:00 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
 
Systemfehler:
=============
Error: (11/14/2016 04:51:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
Error: (11/14/2016 04:47:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (11/14/2016 04:47:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1053" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (11/14/2016 04:47:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
 
Error: (11/14/2016 04:46:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (11/14/2016 04:45:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (11/14/2016 02:16:28 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (11/14/2016 11:33:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
Error: (11/14/2016 11:28:55 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (11/14/2016 11:28:37 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
 
CodeIntegrity:
===================================
  Date: 2014-12-18 16:07:39.575
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:07:39.559
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:07:13.838
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:07:13.823
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:07:07.197
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:07:07.181
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:06:29.659
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:06:29.644
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:06:22.783
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-12-18 16:06:22.767
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 
==================== Speicherinformationen =========================== 
 
Prozessor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 82%
Installierter physikalischer RAM: 4077.86 MB
Verfügbarer physikalischer RAM: 728.11 MB
Summe virtueller Speicher: 8153.91 MB
Verfügbarer virtueller Speicher: 3379.71 MB
 
==================== Laufwerke ================================
 
Drive c: () (Fixed) (Total:452.15 GB) (Free:260.64 GB) NTFS
 
==================== MBR & Partitionstabelle ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=13.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)
 
==================== Ende von Addition.txt ============================

  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Programs to uninstall
Ace Stream Media 3.1.2
vShare.tv plugin 1.3
Vuze Remote Toolbar


Next

A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {2A7B3037-4954-4620-97E9-10730459224B} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {B76D0BAE-CADC-49CF-9981-5B0416E34FD4} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {DD0F6097-3D99-4325-83A9-F62828014CDB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {8F6288F2-2BCF-4E76-A446-855E24C70C55} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {E59B37B1-5A0F-43FD-876C-E1A8B17A444C} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
Task: {C71DC055-8643-4BA5-AC6F-20A5D79215C6} - \BackgroundContainer Startup Task -> Keine Datei <==== ACHTUNG
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178 (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
  • Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
    Next
    Please download adwCleaner to your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.

    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See here for how to disable your security protection (Anti Virus).
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.
  • Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Post that saved log to your next reply.

    In your next reply post;
  • Fix log .txt
  • The AdwCleaner [C1].txt Log
  • The JRT.txt Log
  • Malwarebytes log

I will return a bit later today to review.

Thanks
Joe :)
  • 0

#5
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hi thanks for the reply. 

 

The 'Vuze Remote Toolbar' does not appear in my De-installation list. Where else would I be able to find it?


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Skip it for now, keep following instructions.
  • 0

#7
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

I also cannot find this location :  C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178 

 

When I go to lmar I only find the folder 'Application Data' in which there is just one file named 'Ubisoft'


  • 0

#8
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

double post... sorry


Edited by l.mart, 14 November 2016 - 10:53 AM.

  • 0

#9
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

I also cannot find this location :  C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178 

 

When I go to lmar I only find the folder 'Application Data' in which there is just one file named 'Ubisoft'


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Can you re-download FRST, and put it on your desktop, then save the fixlist to the desktop. I have to have FRST and the fixlist in the same location for the fix to work.

Also

it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
  • 0



#11
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

I redownloaded FRST and redid the scans. 

 

I saved the fixlist to  C:\Users\lmar\AppData\Local\Temp\scoped_dir8928_4178  and reran FRST but an option to press 'fix' did not appear. Did I do something wrong?


Edited by l.mart, 14 November 2016 - 02:31 PM.

  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
We don't need that location anymore; forget about that.

I need FRST on your desktop, then save the fixlist to the desktop too. Once those 2 things are on the desktop, open FRST and click Fix, as outlined below:

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {2A7B3037-4954-4620-97E9-10730459224B} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {B76D0BAE-CADC-49CF-9981-5B0416E34FD4} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {DD0F6097-3D99-4325-83A9-F62828014CDB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {8F6288F2-2BCF-4E76-A446-855E24C70C55} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {E59B37B1-5A0F-43FD-876C-E1A8B17A444C} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
Task: {C71DC055-8643-4BA5-AC6F-20A5D79215C6} - \BackgroundContainer Startup Task -> Keine Datei <==== ACHTUNG
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
  • 0
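
The NOTICE in the fix instructions says the fixlist is written for one machine. One way to check that before pressing Fix is to list what the script touches and compare its account SIDs with the profiles on the PC. This is an added example, not part of the original posts and not FRST's own code: the line categories are inferred from the fixlist shown in this thread, and the sample lines, SIDs and URLs are constructed.

```python
import re
from collections import Counter

# Constructed sample in the same line shapes as the fixlist in this thread.
SAMPLE_FIXLIST = r"""start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://example.invalid/home
SearchScopes: HKU\S-1-5-21-1111111111-2222222222-3333333333-1001 -> {00000000-0000-0000-0000-000000000001} URL = hxxp://example.invalid/search?q={searchTerms}
Task: {00000000-0000-0000-0000-000000000002} - \Example Startup Task -> Keine Datei <==== ACHTUNG
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
Emptytemp:
"""

# Per-account SIDs as they appear under HKU: S-1-5-21-<3 sub-authorities>-<RID>
SID_RE = re.compile(r"S-1-5-21(?:-\d+){4}", re.IGNORECASE)
HIVE_RE = re.compile(r"^(HKLM|HKU|HKCU|HKCR)(-x32)?\\", re.IGNORECASE)
DIRECTIVE_RE = re.compile(r"^\w+:$")


def classify(line):
    """Return a category for one fixlist line (categories are this example's own)."""
    if line.lower() == "start":
        return "marker"
    if line.upper().startswith("CMD:"):
        return "command"      # runs as a shell command, so review each one
    if line.startswith("Task:"):
        return "task"
    if line.startswith("SearchScopes:"):
        return "searchscope"
    if HIVE_RE.match(line):
        return "registry"
    if DIRECTIVE_RE.match(line):
        return "directive"    # e.g. CloseProcesses:, CreateRestorePoint:
    return "unknown"          # anything unrecognised deserves a second look


def parse_fixlist(text):
    """Split a fixlist into (category, line) pairs, skipping blank lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if line:
            entries.append((classify(line), line))
    return entries


def summarize(entries):
    """Count lines per category."""
    return Counter(kind for kind, _ in entries)


def account_sids(entries):
    """Collect every per-account SID the fixlist refers to."""
    return {m.group(0).upper() for _, line in entries for m in SID_RE.finditer(line)}


def foreign_sids(entries, local_sids):
    """SIDs named in the fixlist that do not exist on this machine."""
    return account_sids(entries) - {s.upper() for s in local_sids}


def commands(entries):
    """The shell commands the fixlist would run, without the CMD: prefix."""
    return [line[4:].strip() for kind, line in entries if kind == "command"]


if __name__ == "__main__":
    entries = parse_fixlist(SAMPLE_FIXLIST)
    print(dict(summarize(entries)))
    print("shell commands:", commands(entries))
    # Assumption: only the ...-1000 account exists on this PC. On Windows the
    # real list is the subkey names under
    # HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList.
    local = {"S-1-5-21-1111111111-2222222222-3333333333-1000"}
    print("SIDs not on this PC:", sorted(foreign_sids(entries, local)))
```

A non-empty result from `foreign_sids`, or any line classified as `unknown`, is a reason to stop and ask the helper before running the fix.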

#13
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Good morning,

 

here are the requested logs.

 

Fixlog:

 

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von lmar (14-11-2016 21:46:06) Run:1
Gestartet von C:\Users\lmar\Desktop
Geladene Profile: lmar & postgres (Verfügbare Profile: lmar & Admin & postgres)
Start-Modus: Normal
==============================================
 
fixlist Inhalt:
*****************
start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {2A7B3037-4954-4620-97E9-10730459224B} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-11-07 18:35:43&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {B76D0BAE-CADC-49CF-9981-5B0416E34FD4} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000 -> {DD0F6097-3D99-4325-83A9-F62828014CDB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {8F6288F2-2BCF-4E76-A446-855E24C70C55} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-2257400672-1811914005-1587198597-1001 -> {E59B37B1-5A0F-43FD-876C-E1A8B17A444C} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
Task: {C71DC055-8643-4BA5-AC6F-20A5D79215C6} - \BackgroundContainer Startup Task -> Keine Datei <==== ACHTUNG
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
Emptytemp:
*****************
 
Prozess erfolgreich geschlossen.
Wiederherstellungspunkt wurde erfolgreich erstellt.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden. 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich entfernt
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Fehler beim Setzen des Wertes
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Fehler beim Setzen des Wertes
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2A7B3037-4954-4620-97E9-10730459224B}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{2A7B3037-4954-4620-97E9-10730459224B} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B76D0BAE-CADC-49CF-9981-5B0416E34FD4}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{B76D0BAE-CADC-49CF-9981-5B0416E34FD4} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD0F6097-3D99-4325-83A9-F62828014CDB}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{DD0F6097-3D99-4325-83A9-F62828014CDB} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} => Schlüssel nicht gefunden. 
HKCR\CLSID\{3CFA54D1-E9CA-4765-88DF-6FB8646D89CF} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8F6288F2-2BCF-4E76-A446-855E24C70C55} => Schlüssel nicht gefunden. 
HKCR\CLSID\{8F6288F2-2BCF-4E76-A446-855E24C70C55} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-2257400672-1811914005-1587198597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E59B37B1-5A0F-43FD-876C-E1A8B17A444C} => Schlüssel nicht gefunden. 
HKCR\CLSID\{E59B37B1-5A0F-43FD-876C-E1A8B17A444C} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C71DC055-8643-4BA5-AC6F-20A5D79215C6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C71DC055-8643-4BA5-AC6F-20A5D79215C6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Schlüssel erfolgreich entfernt
 
========= bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= Ende von CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
 
 
========= Ende von CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows-IP-Konfiguration
 
Der DNS-Auflösungscache wurde geleert.
 
========= Ende von CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9619966 B
Java, Flash, Steam htmlcache => 144386816 B
Windows/system/drivers => 13265 B
Edge => 0 B
Chrome => 46988070 B
Firefox => 6952815 B
Opera => 92202122 B
 
Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 181715 B
systemprofile32 => 110924 B
LocalService => 132244 B
NetworkService => 66228 B
lmar => 41486670 B
Admin => 4642068 B
postgres => 66228 B
 
RecycleBin => 11149941 B
EmptyTemp: => 349.5 MB temporäre Dateien entfernt.
 
================================
 
 
Das System musste neu gestartet werden.
 
==== Ende von Fixlog 21:47:28 ====
 
 
 
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by lmar (Administrator) on Mon 11/14/2016 at 22:31:07.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 55 
 
Successfully deleted: C:\Users\lmar\AppData\Local\{0D33B9DA-63A7-4870-91D3-EE69CABC3FFE} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{259934BF-FCB5-4096-8B14-1F9B070761D2} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{2E5A8C5F-F53D-4AD0-A8EA-DC9CA4728EDE} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{39D3E5BA-3885-4F84-81EA-A016714A91C2} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{3B7BD6C3-6F48-4866-9FC6-EFABEFEDDEF7} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{54728397-0C7D-40FA-A356-A1D6636B32DB} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{550A35A6-C185-402A-98D6-AD2875BD3AD7} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{562E04D1-5BA0-4D32-83EE-9D07E2726C78} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{573B97C2-EA5A-49D9-AC68-7489E8BED7B5} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{5FCDE7C4-960C-4CC6-AD97-D7DF525FE419} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{61DBF96B-912F-4F7C-9069-122175BDA2C7} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{659C1CFA-CD33-4D59-BA33-32F47FBD6E71} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{70DBB16C-A576-4710-BDF2-C4C4AE189C5B} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{7F490BBB-87B2-4CE1-868B-F8C87A8C7086} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{89B6FE43-9BAC-45FB-9AD1-0EF291CF3006} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{B75B551D-248B-4E4F-B764-147EAC3B6E75} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{BF080DFD-E843-459B-A765-A61EBF6D7F02} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{C3F218FB-1D9C-4A85-91E1-4CC6DEEDD269} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{EC243AE0-2CA8-4AD5-BFC2-E3FD18F84B64} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\{F7C3EE9F-0F40-4D0F-90BB-1C65102C5497} (Empty Folder)
Successfully deleted: C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) 
Successfully deleted: C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
Successfully deleted: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\user.js (File) 
Successfully deleted: C:\Users\lmar\AppData\Roaming\out of the park developments (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Game_Booster_Startup (Task)
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E0D8ILJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1DMOY938 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UF1E24I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YH3ENLF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZ335BXP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NW82FAQJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUW1EASK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QX4PPB0B (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E0D8ILJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1DMOY938 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UF1E24I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YH3ENLF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZ335BXP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NW82FAQJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUW1EASK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QX4PPB0B (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\sho1BEA.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho27FA.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho2D1A.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho4E7C.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho625C.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho80B6.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoC0AD.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoCB38.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE69A.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE7E8.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoF062.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoF9C6.tmp (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/14/2016 at 22:37:33.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
AdwCleaner:
 
# AdwCleaner v6.030 - Bericht erstellt am 14/11/2016 um 22:21:39
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-14.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : lmar - LMAR-VAIO
# Gestartet von : C:\Users\lmar\Desktop\adwcleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support
 
 
 
***** [ Dienste ] *****
 
 
 
***** [ Ordner ] *****
 
[-] Ordner gelöscht: C:\_acestream_cache_
[-] Ordner gelöscht: C:\ProgramData\AVG Secure Search
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht: C:\ProgramData\avg web tuneup
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Secure Search
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\avg web tuneup
[-] Ordner gelöscht: C:\Program Files (x86)\Conduit
[-] Ordner gelöscht: C:\Program Files (x86)\iLivid
[-] Ordner gelöscht: C:\Program Files (x86)\avg web tuneup
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
[-] Ordner gelöscht: C:\Users\lmar\AppData\Local\Geckofx
 
 
***** [ Dateien ] *****
 
[-] Datei gelöscht: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\extensions\[email protected]
[-] Datei gelöscht: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\invalidprefs.js
[-] Datei gelöscht: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Verknüpfungen ] *****
 
 
 
***** [ Aufgabenplanung ] *****
 
 
 
***** [ Registrierungsdatenbank ] *****
 
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Classes\acestream
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\acestream
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\acestream
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Hola
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\StartSearch
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\vShare.tv
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\AppDataLow\Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\AppDataLow\Software\BackgroundContainer
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Hola
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\StartSearch
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\vShare.tv
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Secure Search
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Security Toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Conduit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Tuneup
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Hola
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\StartSearch
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\vShare.tv
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[-] Wert gelöscht: HKU\S-1-5-21-2257400672-1811914005-1587198597-1000\Software\Microsoft\Windows\CurrentVersion\Run [hola]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [hola]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [hola]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Schlüssel gelöscht: HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Schlüssel gelöscht: HKCU\Software\MozillaPlugins\@hola.org/vlc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
 
 
***** [ Browser ] *****
 
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "AVG Secure Search"
[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" -  "hxxps://mysearch.avg.com?cid={1B8EA2C5-2C34-457D-88F5-CE35E49C376F}&mid=c851f3e20a6047d1b6e54149082777db-04cd357aeeccee21be0e9168c03940faaaf16666&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 18:35:43&v=4.0.0.19&pid=wtu&sg=&sap=hp"
 
 
*************************
 
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [11826 Bytes] - [14/11/2016 22:21:39]
C:\AdwCleaner\AdwCleaner[S0].txt - [12273 Bytes] - [14/11/2016 21:58:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [11222 Bytes] - [14/11/2016 22:12:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12048 Bytes] ##########
 
 
Malwarebytes:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/15/2016
Scan Time: 7:25 AM
Logfile: Malwarebytes.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.11.15.05
Rootkit Database: v2016.10.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: lmar
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 389110
Time Elapsed: 26 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06715E72-7FD1-4362-984B-267EB1642BB8}, Quarantined, [50410db3970352e4bb31f093778bba46], 
 
Registry Values: 1
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06715E72-7FD1-4362-984B-267EB1642BB8}|AppPath, C:\Users\lmar\AppData\Local\Conduit\CT2504091, Quarantined, [50410db3970352e4bb31f093778bba46]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Thank you for your continued help,
 
Lucas


#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Download zoek.exe to your Desktop: http://hijackthis.nl/smeenk/

Important: Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe.

  • On Windows Vista, 7, 8 and 10, right-click Zoek.exe and select: Run as Administrator
  • Give it a few seconds to appear.
  • Copy/paste the entire script inside the codebox below into the input field of Zoek:

createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
ipconfig /flushdns;b

  • Close any open programs.
  • Click the Run script button, and wait. It takes a few minutes to run.
  • When the tool finishes, the zoek-results.log is opened in Notepad. The log can also be found on the systemdrive, normally C:\
  • If a reboot is needed, the log will be opened after the reboot.

#15
l.mart

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Here is the log:

 

 

 

 
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by lmar on Tue 11/15/2016 at 17:31:36.64.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lmar\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
11/15/2016 5:34:51 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\Users\Admin\AppData\Roaming\Apple Computer deleted successfully
C:\Users\lmar\AppData\Roaming\Amazon deleted successfully
C:\Users\lmar\AppData\Roaming\Ehyb deleted successfully
C:\Users\lmar\AppData\Roaming\Electronic Arts deleted successfully
C:\Users\lmar\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\lmar\AppData\Roaming\Philips Channel Editor deleted successfully
C:\Users\lmar\AppData\Roaming\skypePM deleted successfully
C:\Users\lmar\AppData\Roaming\TP deleted successfully
C:\Users\lmar\AppData\Roaming\TunnelBear deleted successfully
C:\Users\lmar\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\lmar\AppData\Local\CutePDF Writer deleted successfully
C:\Users\lmar\AppData\Local\HockeyCrashes deleted successfully
C:\Users\lmar\AppData\Local\PokerStars deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== FireFox Fix ======================
 
Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\90oi0mv2.default\prefs.js:
 
Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\90oi0mv2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
Deleted from C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\prefs.js:
user_pref("browser.search.suggest.enabled", false);
 
Added to C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Origin deleted
C:\windows\SysNative\Tasks\1015tbUpdateInfo deleted
C:\windows\SysNative\Tasks\ROC_REG_JAN_DELETE deleted
C:\Windows\tasks\1015tbUpdateInfo.job deleted
C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted
C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~3\REGSVR32.EXE-x.txt deleted
C:\PROGRA~3\AVG January 2013 Campaign deleted
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\lmar\AppData\Local\Unity deleted
C:\Users\lmar\Downloads\OpenVPN-Certificate-Bundle-Server1.zip deleted
C:\Users\lmar\AppData\LocalLow\Unity deleted
C:\Windows\Syswow64\tmp3DAF.tmp deleted
C:\Windows\Syswow64\tmp3E0E.tmp deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Users\lmar\AppData\Roaming\Ukc\adopfud.ere" deleted
"C:\Users\lmar\AppData\Roaming\Ukc\adopfud.tmp" deleted
"C:\Users\lmar\AppData\Roaming\Ukc" deleted
 
==== Orphaned Tasks deleted from Registry ======================
 
1015tbUpdateInfo deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\90oi0mv2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [12/16/2011 07:31 PM]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default
- DivX Plus Web Player HTML5 lt;videogt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
- Updated Ad Blocker for Firefox 11 - %ProfilePath%\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\lmar\AppData\Roaming\Mozilla\Firefox\Profiles\r6indgd7.default
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
 
 
==== Chromium Look ======================
 
Google Chrome Version: 46.0.2490.86
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 02:13 PM]
 
Chrome Media Router - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - lmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
 
==== Chromium Fix ======================
 
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.co...q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/...Box&FORM=IE8SRC
 
==== Reset Google Chrome ======================
 
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\lmar\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\lmar\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\lmar\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\lmar\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\90oi0mv2.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\lmar\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\lmar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=87 folders=58 57837516 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Admin\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\lmar\AppData\Local\Temp will be emptied at reboot
C:\Users\postgres\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\lmar\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\lmar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
 
==== EOF on Tue 11/15/2016 at 18:41:24.99 ======================
