Computer gesperrt, Bundespolizei

Mike12 · 19.07.2013, 13:50

Hallo zusammen,

auch ich habe wie einige andere ein Problem mit dem Bundespolizei-Trojaner: Entsperren nach Zahlung.
Jetzt habe ich Windows 7 mit dem Vaio Recovery Tool wieder zurückgesetzt, und ich habe auch wieder Zugriff auf meinen Rechner. Bevor ich wieder Software installiere würde ich gerne auf Nummer sicher gehen, dass mein Rechner wirklich entseucht ist - so ganz traue ich dem Frieden nicht...
Wäre schön, wenn mir jemand hilft. Danke!

schrauber · 19.07.2013, 13:56

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Mike12 · 19.07.2013, 15:39

Hallo,

hier die logfiles:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by RW (administrator) on 19-07-2013 16:34:05
Running from C:\Users\RW\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo) c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sophos Plc) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sophos Plc) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Plus HD) C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe
(Adobe Systems, Inc.) C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
() C:\Users\RW\Qtrax\Player\notification.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Runonce: [Del484289] - cmd.exe /Q /D /c del "C:\Users\RW\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\Runonce: [Del529935] - cmd.exe /Q /D /c del "C:\Users\RW\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [QtraxNotification] - C:\Users\RW\Qtrax\Player\Notification.exe [110888 2013-07-08] ()
HKCU\...\Runonce: [Del484289] - cmd.exe /Q /D /c del "C:\Users\RW\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Del529935] - cmd.exe /Q /D /c del "C:\Users\RW\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Qtrax] - C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 330160670.portal.qtrax.com [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [148888 2009-08-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] - "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [538472 2009-06-17] (Symantec Corporation)
HKLM-x32\...\Run: [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2013-07-19] (Sony Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [2521040 2013-05-23] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sophos AutoUpdate Monitor.lnk
ShortcutTarget: Sophos AutoUpdate Monitor.lnk -> C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=E01B0024D63D2A24&affID=119357&tsp=4948
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E01B0024D63D2A24&affID=119357&tsp=4948
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E01B0024D63D2A24&affID=119357&tsp=4948
SearchScopes: HKCU - {2836DF67-69C4-4079-A2EF-3AE9ED076131} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {67E027F9-491D-4552-9C9D-DE1726B7FC5E} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {B712BDD9-D446-414E-A7A9-1BB225B65ED3} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files (x86)\Super_Lyrics\124.dll (Super Add-on Software)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files (x86)\Super_Lyrics\116.dll No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.42.43.62 82.212.62.62

Chrome: 
=======
CHR Extension: (Super Lyrics) - C:\Users\RW\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.116
CHR Extension: (DealPly Shopping  ) - C:\Users\RW\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [175144 2009-09-04] (Sophos Plc)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW\Qtrax
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:29 - 2013-07-19 16:29 - 00002371 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-19 16:29 - 2013-07-19 16:29 - 00002341 _____ C:\Users\RW\Desktop\Qtrax Player.lnk
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-19 16:28 - 2013-07-19 16:28 - 00003368 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Super_Lyrics
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-07-19 16:27 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\BabSolution
2013-07-19 16:27 - 2013-07-19 16:27 - 00004222 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-codedownloader
2013-07-19 16:27 - 2013-07-19 16:27 - 00004218 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-updater
2013-07-19 16:27 - 2013-07-19 16:27 - 00004122 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-enabler
2013-07-19 16:27 - 2013-07-19 16:27 - 00003200 _____ C:\Windows\System32\Tasks\DSite
2013-07-19 16:27 - 2013-07-19 16:27 - 00001192 _____ C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00001188 _____ C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00000274 _____ C:\Windows\Tasks\DSite.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\DSite
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Babylon
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\ProgramData\Babylon
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 09:43 - 2010-01-09 09:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-07-19 09:43 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-07-19 09:42 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-19 09:42 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-19 09:42 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130719-094223.backup
2013-07-19 09:37 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 09:37 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 09:37 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 09:37 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 09:30 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 09:28 - 2013-07-19 09:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 09:28 - 2013-07-19 09:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 09:28 - 2013-07-19 09:28 - 00001258 _____ C:\Users\RW\Desktop\Spybot - Search & Destroy.lnk
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-19 07:15 - 2013-07-19 06:50 - 00000000 ____D C:\Program Files\Sony
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-19 07:01 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-19 06:59 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:49 - 2013-07-19 09:23 - 00385430 _____ C:\Windows\PFRO.log
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:46 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2009-07-20 22:03 - 00000008 _____ C:\Windows\SysWOW64\FW_version.txt
2013-07-19 06:43 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-19 06:42 - 2009-07-01 11:49 - 00098304 _____ (Sony Corporation) C:\Windows\SysWOW64\VESWinlogon.dll
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2009-05-21 02:56 - 00072176 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2013-07-19 06:39 - 2009-05-11 20:42 - 00133616 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:36 - 2013-07-19 06:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:34 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:31 - 2013-07-19 09:24 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 06:30 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\ProgramData\Partner
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\ProgramData\Google
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files\Google
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 06:30 - 2009-08-03 22:15 - 00002835 _____ C:\Windows\SysWOW64\McOEMAppRules.dat
2013-07-19 06:30 - 2009-08-03 22:15 - 00001253 _____ C:\Windows\SysWOW64\Mdat_1.3.00.0907310.txt
2013-07-19 06:30 - 2009-05-26 14:32 - 00019968 _____ (ArcSoft, Inc.) C:\Windows\system32\Drivers\ArcSoftKsUFilter.sys
2013-07-19 06:30 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2013-07-19 06:30 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\SysWOW64\PCDLIB32.DLL
2013-07-19 06:28 - 2013-07-19 06:29 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:43 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-07-19 06:25 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-07-19 06:25 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00091928 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00068888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-07-19 06:25 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-07-19 06:25 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-07-19 06:25 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-07-19 06:25 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-07-19 06:24 - 2013-07-19 09:47 - 00415835 _____ C:\Windows\WindowsUpdate.log
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:22 - 2009-05-20 12:00 - 00055280 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2013-07-19 06:21 - 2013-07-19 06:25 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:21 - 2013-07-19 06:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys

==================== One Month Modified Files and Folders =======

2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW\Qtrax
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:33 - 2013-07-19 06:59 - 00000000 ____D C:\Users\RW
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:31 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-19 16:31 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:29 - 2013-07-19 16:29 - 00002371 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-19 16:29 - 2013-07-19 16:29 - 00002341 _____ C:\Users\RW\Desktop\Qtrax Player.lnk
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-19 16:28 - 2013-07-19 16:28 - 00003368 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Super_Lyrics
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-07-19 16:28 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\BabSolution
2013-07-19 16:28 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 16:27 - 2013-07-19 16:27 - 00004222 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-codedownloader
2013-07-19 16:27 - 2013-07-19 16:27 - 00004218 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-updater
2013-07-19 16:27 - 2013-07-19 16:27 - 00004122 _____ C:\Windows\System32\Tasks\Plus-HD-2.3-enabler
2013-07-19 16:27 - 2013-07-19 16:27 - 00003200 _____ C:\Windows\System32\Tasks\DSite
2013-07-19 16:27 - 2013-07-19 16:27 - 00001192 _____ C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00001188 _____ C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00000274 _____ C:\Windows\Tasks\DSite.job
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\DSite
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Babylon
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\ProgramData\Babylon
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:27 - 2009-07-14 19:58 - 00643866 _____ C:\Windows\system32\perfh007.dat
2013-07-19 16:27 - 2009-07-14 19:58 - 00126394 _____ C:\Windows\system32\perfc007.dat
2013-07-19 16:27 - 2009-07-14 07:13 - 01472002 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:24 - 2013-07-19 06:24 - 00415835 _____ C:\Windows\WindowsUpdate.log
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 16:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 16:19 - 2009-07-14 06:51 - 00023361 _____ C:\Windows\setupact.log
2013-07-19 09:44 - 2013-07-19 09:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 09:35 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 09:29 - 2013-07-19 09:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 09:28 - 2013-07-19 09:28 - 00001258 _____ C:\Users\RW\Desktop\Spybot - Search & Destroy.lnk
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-19 09:26 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-07-19 09:24 - 2013-07-19 06:31 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 09:23 - 2013-07-19 06:49 - 00385430 _____ C:\Windows\PFRO.log
2013-07-19 07:15 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-07-19 07:15 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-19 07:01 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-07-19 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-19 06:54 - 2009-08-19 04:17 - 00000000 ____D C:\Windows\Panther
2013-07-19 06:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:51 - 2009-07-14 06:46 - 00003043 _____ C:\Windows\DtcInstall.log
2013-07-19 06:50 - 2013-07-19 07:15 - 00000000 ____D C:\Program Files\Sony
2013-07-19 06:50 - 2009-08-18 20:12 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-07-19 06:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2013-07-19 06:49 - 2009-07-14 06:45 - 00377584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:48 - 2009-08-18 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-19 06:48 - 2009-08-18 18:56 - 00036014 _____ C:\Windows\DPINST.LOG
2013-07-19 06:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:47 - 2013-07-19 06:46 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:46 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:45 - 2013-07-19 06:20 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-07-19 06:43 - 2013-07-19 06:25 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:42 - 2009-08-18 20:11 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:38 - 2013-07-19 06:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:37 - 2013-07-19 06:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:35 - 2013-07-19 06:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:35 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:33 - 2009-07-14 04:34 - 00000435 _____ C:\Windows\win.ini
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\ProgramData\Partner
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\ProgramData\Google
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files\Google
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 06:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-07-19 06:29 - 2013-07-19 06:28 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2013-07-19 06:21 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:24 - 2013-07-19 06:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys
2013-07-19 06:20 - 2009-08-19 04:19 - 00000012 _____ C:\Windows\csup.txt
2013-07-19 06:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-19 06:17 - 2009-08-18 18:28 - 00003540 _____ C:\Windows\TSSysprep.log
2013-07-19 06:16 - 2009-08-18 18:58 - 00000000 ____D C:\Program Files\Apoint

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-08-18 18:25

==================== End Of Log ============================

--- --- ---

und die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2013
Ran by RW at 2013-07-19 16:34:47
Running from C:\Users\RW\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.12.36)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.12.36)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Premiere Elements 7.0 (x32 Version: 7.0.1)
Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0)
Alps Pointing-device for VAIO
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.193)
ATI Catalyst Install Manager (Version: 3.0.732.0)
BrowserDefender (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Light (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center InstallProxy (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Localization All (x32 Version: 2009.0710.1127.18698)
CCC Help Chinese Standard (x32 Version: 2009.0720.2144.37243)
CCC Help Chinese Traditional (x32 Version: 2009.0720.2144.37243)
CCC Help Czech (x32 Version: 2009.0720.2144.37243)
CCC Help Danish (x32 Version: 2009.0720.2144.37243)
CCC Help Dutch (x32 Version: 2009.0720.2144.37243)
CCC Help English (x32 Version: 2009.0720.2144.37243)
CCC Help Finnish (x32 Version: 2009.0720.2144.37243)
CCC Help French (x32 Version: 2009.0720.2144.37243)
CCC Help German (x32 Version: 2009.0720.2144.37243)
CCC Help Greek (x32 Version: 2009.0720.2144.37243)
CCC Help Hungarian (x32 Version: 2009.0720.2144.37243)
CCC Help Italian (x32 Version: 2009.0720.2144.37243)
CCC Help Japanese (x32 Version: 2009.0720.2144.37243)
CCC Help Korean (x32 Version: 2009.0720.2144.37243)
CCC Help Norwegian (x32 Version: 2009.0720.2144.37243)
CCC Help Polish (x32 Version: 2009.0720.2144.37243)
CCC Help Portuguese (x32 Version: 2009.0720.2144.37243)
CCC Help Russian (x32 Version: 2009.0720.2144.37243)
CCC Help Spanish (x32 Version: 2009.0720.2144.37243)
CCC Help Swedish (x32 Version: 2009.0720.2144.37243)
CCC Help Thai (x32 Version: 2009.0720.2144.37243)
CCC Help Turkish (x32 Version: 2009.0720.2144.37243)
ccc-core-static (x32 Version: 2009.0710.1127.18698)
ccc-utility64 (Version: 2009.0710.1127.18698)
Choice Guard (x32 Version: 1.2.87.0)
Click to Disc (x32 Version: 1.2.70.06160)
Click to Disc Editor (x32 Version: 2.0.02)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.4518.1014)
DealPly (HKCU)
DealPly (remove only) (x32 Version: 4.8.6.1)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.21.5)
Dolby Control Center (Version: 1.2.0702)
eaner (Version: 3.28)
Einstellungen für VAIO-Inhaltsüberwachung (x32 Version: 2.4.0.06120)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32)
Intel® Matrix Storage Manager
Java(TM) 6 Update 14 (64-bit) (Version: 6.0.140)
Java(TM) 6 Update 14 (x32 Version: 6.0.140)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Works (x32 Version: 9.7.0621)
MSVCRT (x32 Version: 14.0.1468.721)
Music Transfer (x32 Version: 1.3.01.13160)
MusicStation (x32 Version: 1.2.2.180)
Norton Online Backup (x32 Version: 1.2.20.0)
Open It! (x32 Version: 1.1.1)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Primo (x32 Version: 1.00.0000)
Qtrax Connection Manager (HKCU Version: 20.13.07.02)
Qtrax Player (HKCU)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5886)
Regi (Version: 1.00.0000)
Roxio Central Audio (x32 Version: 3.8.0)
Roxio Central Copy (x32 Version: 3.8.0)
Roxio Central Core (x32 Version: 3.8.0)
Roxio Central Data (x32 Version: 3.8.0)
Roxio Central Tools (x32 Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (x32 Version: 10.3)
Roxio Easy Media Creator Home (x32 Version: 10.3.121)
Runtime (x32 Version: 1.00.0000)
Setting Utility Series (x32 Version: 5.0.0.07300)
Skype™ 4.0 (x32 Version: 4.0.227)
Sony Home Network Library (x32 Version: 2.0.0.07280)
Sony Picture Utility (x32 Version: 4.2.12.16210)
Sophos AutoUpdate (x32 Version: 2.5.4)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Super Lyrics (x32)
Unterstützung für VAIO-Präsentation (x32 Version: 2.0.0.05270)
Update for Zip Opener (HKCU)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260)
VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06260)
VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180)
VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120)
VAIO Control Center (x32 Version: 4.0.0.06120)
VAIO Data Restore Tool (x32 Version: 1.1.01.06290)
VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130)
VAIO Energie Verwaltung (x32 Version: 4.0.0.07160)
VAIO Entertainment Platform (x32 Version: 3.5.0.07230)
VAIO Event Service (x32 Version: 5.0.0.07010)
VAIO FW screensaver (x32 Version: 1.0.0.0)
VAIO Gate (x32 Version: 1.0.0.08050)
VAIO Marketing Tools (x32)
VAIO Media plus (x32 Version: 2.0.0.07280)
VAIO Media plus Opening Movie (x32 Version: 1.2.0.09100)
VAIO Movie Story (x32 Version: 1.5.00.06191)
VAIO Movie Story Template Data (x32 Version: 1.5.00.06010)
VAIO Original Function Settings (x32 Version: 2.0.0.07010)
VAIO Original Funktion Einstellungen (x32 Version: 2.0.0.07010)
VAIO Premium Partners 1.00 (x32)
VAIO Smart Network (x32 Version: 3.0.0.08120)
VAIO Update 4 (x32 Version: 4.2.0.07300)
VAIO Wallpaper Contents (x32 Version: 2.0.0.06010)
VAIO-Support für Übertragungen (x32 Version: 1.0.0.07290)
VD64Inst (Version: 1.00.0000)
Wajam (x32 Version: 1.80)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Anmelde-Assistent (x32 Version: 5.000.817.1)
Windows Live Call (x32 Version: 14.0.8050.1202)
Windows Live Communications Platform (x32 Version: 14.0.8050.1202)
Windows Live Essentials (x32 Version: 14.0.8050.1202)
Windows Live Messenger (x32 Version: 14.0.8050.1202)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinDVD BD for VAIO (x32 Version: 8.0.20.79)
Zip Opener Packages (HKCU)
Zip Opener Packages 87 (HKCU)

==================== Restore Points  =========================

19-07-2013 07:26:04 Installed Sophos Anti-Virus
19-07-2013 07:26:39 Installed Sophos AutoUpdate
19-07-2013 07:36:49 Windows Update
19-07-2013 07:43:01 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-19 09:42 - 00450371 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {18871FF2-164F-4AD7-9ED6-0D22B336E985} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2009-08-05] (Sony Corporation)
Task: {1B3C4044-97BC-4F86-BF14-2BF30D500B07} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {3BBBAA3C-EE7A-42C1-A677-8B2D61DF1C74} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {40A1AFC9-7A27-4866-8D3A-DBDD39CF51F3} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-07-19] (Plus HD)
Task: {41F30417-DDAD-4702-A2C0-4457AFEB737F} - System32\Tasks\DSite => C:\Users\RW\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-19] ()
Task: {4265D9C3-B267-464A-9DAE-CE79F4DB5884} - System32\Tasks\EPUpdater => C:\Users\RW\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {4F819418-A0D5-4B34-B707-CF05F233DBAE} - System32\Tasks\Super Lyrics Update => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe [2013-07-18] (Super Add-on Software)
Task: {68A152AC-DDB8-4B1F-BBF2-F23ABC9D3C5F} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-07-19] (Plus HD)
Task: {727D0B22-4269-42A9-A3BC-102DADBC633B} - System32\Tasks\SONY\VAIO Recovery Center\VAIO Reminder => C:\Program Files (x86)\Sony\VAIO Reminder\VAIOReminder.exe [2009-07-27] (Sony Corporation)
Task: {88991D28-B7F2-44E2-AD04-CF9B1D19A728} - System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {A300329A-9685-43FF-86A0-AC8BBAD709F8} - System32\Tasks\DealPly => C:\Users\RW\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()
Task: {AB222130-C0E9-4BFD-8464-3331F95BE047} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {B7171258-AC18-497B-8C67-C6F639BCB993} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {BA3FBE3A-2750-482F-BD0A-D26689C668E6} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
Task: {CDC96CD0-0F95-4FA0-B97B-A7C73D081E99} - System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {EB70D698-5860-4ADD-897F-26A0B0B896C9} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-07-19] (Plus HD)
Task: {FE49DD07-4364-4BA1-9840-540FA8BF2CFE} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe
Task: C:\Windows\Tasks\Super Lyrics Update.job => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2013 04:20:25 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 04:16:22 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 09:44:59 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 09:33:35 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 09:24:41 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 09:18:49 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 06:58:19 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 06:50:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/19/2013 06:50:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/19/2013 06:50:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (07/19/2013 04:20:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/19/2013 04:19:48 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/19/2013 04:19:48 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/19/2013 04:15:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/19/2013 04:15:45 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/19/2013 04:15:45 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/19/2013 09:44:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/19/2013 09:44:18 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/19/2013 09:44:18 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/19/2013 09:37:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sophos AutoUpdate Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 4063.02 MB
Available physical RAM: 2484.49 MB
Total Pagefile: 8124.2 MB
Available Pagefile: 6223.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:229.96 GB) (Free:205.93 GB) NTFS (Disk=0 Partition=3)
Drive d: (Daten) (Fixed) (Total:224.61 GB) (Free:190.84 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 353D0CB4)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=OF Extended)

==================== End Of Log ============================

schrauber · 19.07.2013, 15:41

GVU ist weg, aber jede menge Adware. Deinstalliere alles was:

Toolbar
Lyrics
BrowserDefender

im Namen hat. rebooten.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Mike12 · 19.07.2013, 18:12

So, das hat etwas gedauert...hier die Logfiles:

1. AdwCleaner

Code:

ATTFilter

# AdwCleaner v2.305 - Datei am 19/07/2013 um 17:26:28 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : RW - VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\RW\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-2.3-enabler.job
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-2.3-updater.job
Gelöscht mit Neustart : C:\Program Files (x86)\DealPly
Gelöscht mit Neustart : C:\Program Files (x86)\Plus-HD-2.3
Gelöscht mit Neustart : C:\Program Files (x86)\Wajam
Gelöscht mit Neustart : C:\ProgramData\Babylon
Gelöscht mit Neustart : C:\ProgramData\BrowserDefender
Gelöscht mit Neustart : C:\ProgramData\Partner
Gelöscht mit Neustart : C:\Users\RW\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Gelöscht mit Neustart : C:\Users\RW\AppData\Local\Temp\boost_interprocess
Gelöscht mit Neustart : C:\Users\RW\AppData\LocalLow\delta
Gelöscht mit Neustart : C:\Users\RW\AppData\Roaming\Babylon
Gelöscht mit Neustart : C:\Users\RW\AppData\Roaming\DealPly
Gelöscht mit Neustart : C:\Users\RW\AppData\Roaming\DSite
Gelöscht mit Neustart : C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Gelöscht mit Neustart : C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344426}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322342226}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\e6df8bb03fe843
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346626}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7600.16385

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=E01B0024D63D2A24&affID=119357&tsp=4948 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=E01B0024D63D2A24&affID=119357&tsp=4948 --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [8209 octets] - [19/07/2013 17:26:00]
AdwCleaner[S1].txt - [8156 octets] - [19/07/2013 17:26:28]

########## EOF - C:\AdwCleaner[S1].txt - [8216 octets] ##########

AdwCleaner 2. Durchlauf:

Code:

ATTFilter

# AdwCleaner v2.305 - Datei am 19/07/2013 um 17:34:20 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : RW - VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\RW\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files (x86)\DealPly
Gelöscht mit Neustart : C:\Program Files (x86)\Plus-HD-2.3
Gelöscht mit Neustart : C:\Program Files (x86)\Wajam
Gelöscht mit Neustart : C:\ProgramData\Babylon
Gelöscht mit Neustart : C:\ProgramData\Partner

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [8209 octets] - [19/07/2013 17:26:00]
AdwCleaner[S1].txt - [8277 octets] - [19/07/2013 17:26:28]
AdwCleaner[S2].txt - [309 octets] - [19/07/2013 17:34:06]
AdwCleaner[S3].txt - [987 octets] - [19/07/2013 17:34:20]

########## EOF - C:\AdwCleaner[S3].txt - [1046 octets] ##########

Hier das JRT-Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Home Premium x64
Ran by RW on 19.07.2013 at 17:46:16,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9020890-9E08-446B-87B0-0C5CD0436D86}



~~~ Files

Successfully deleted: [File] C:\Windows\tasks\Super Lyrics Update.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealply"
Successfully deleted: [Folder] "C:\Program Files (x86)\super_lyrics"
Successfully deleted: [Folder] "C:\Program Files (x86)\wajam"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.07.2013 at 17:51:27,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und der letze Durchgang von FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by RW (administrator) on 19-07-2013 17:52:05
Running from C:\Users\RW\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo) c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
() C:\Users\RW\Qtrax\Player\notification.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-18] (Sun Microsystems, Inc.)
HKCU\...\Run: [QtraxNotification] - C:\Users\RW\Qtrax\Player\Notification.exe [110888 2013-07-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [148888 2009-08-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] - "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [538472 2009-06-17] (Symantec Corporation)
HKLM-x32\...\Run: [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2013-07-19] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {2836DF67-69C4-4079-A2EF-3AE9ED076131} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {67E027F9-491D-4552-9C9D-DE1726B7FC5E} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {B712BDD9-D446-414E-A7A9-1BB225B65ED3} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files (x86)\Super_Lyrics\124.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.42.43.62 82.212.62.62

Chrome: 
=======
CHR Extension: (Super Lyrics) - C:\Users\RW\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.116

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 17:51 - 2013-07-19 17:51 - 00001181 _____ C:\Users\RW\Desktop\JRT.txt
2013-07-19 17:46 - 2013-07-19 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-19 17:45 - 2013-07-19 17:45 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\RW\Desktop\JRT.exe
2013-07-19 17:34 - 2013-07-19 17:34 - 00001115 _____ C:\AdwCleaner[S3].txt
2013-07-19 17:34 - 2013-07-19 17:34 - 00000309 _____ C:\AdwCleaner[S2].txt
2013-07-19 17:26 - 2013-07-19 17:34 - 00001141 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 17:26 - 2013-07-19 17:26 - 00008277 _____ C:\AdwCleaner[S1].txt
2013-07-19 17:26 - 2013-07-19 17:26 - 00008209 _____ C:\AdwCleaner[R1].txt
2013-07-19 17:24 - 2013-07-19 17:24 - 00662345 _____ C:\Users\RW\Desktop\adwcleaner.exe
2013-07-19 17:16 - 2013-07-19 17:17 - 00000229 _____ C:\Users\RW\Desktop\Search.txt
2013-07-19 16:35 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-19 16:34 - 2013-07-19 16:35 - 00018407 _____ C:\Users\RW\Desktop\Addition.txt
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW\Qtrax
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:29 - 2013-07-19 16:29 - 00002371 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-19 16:29 - 2013-07-19 16:29 - 00002341 _____ C:\Users\RW\Desktop\Qtrax Player.lnk
2013-07-19 16:28 - 2013-07-19 17:38 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 09:43 - 2010-01-09 09:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-07-19 09:43 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-07-19 09:42 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-19 09:42 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-19 09:42 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130719-094223.backup
2013-07-19 09:37 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 09:37 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 09:37 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 09:37 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 09:30 - 2013-07-19 17:19 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 09:28 - 2013-07-19 17:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 09:28 - 2013-07-19 17:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 07:15 - 2013-07-19 06:50 - 00000000 ____D C:\Program Files\Sony
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-19 07:01 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-19 06:59 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:49 - 2013-07-19 17:27 - 00389082 _____ C:\Windows\PFRO.log
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:46 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2009-07-20 22:03 - 00000008 _____ C:\Windows\SysWOW64\FW_version.txt
2013-07-19 06:43 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-19 06:42 - 2009-07-01 11:49 - 00098304 _____ (Sony Corporation) C:\Windows\SysWOW64\VESWinlogon.dll
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2009-05-21 02:56 - 00072176 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2013-07-19 06:39 - 2009-05-11 20:42 - 00133616 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:36 - 2013-07-19 06:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:34 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:31 - 2013-07-19 09:24 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 06:30 - 2013-07-19 17:27 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 06:30 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:30 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files\Google
2013-07-19 06:30 - 2009-08-03 22:15 - 00002835 _____ C:\Windows\SysWOW64\McOEMAppRules.dat
2013-07-19 06:30 - 2009-08-03 22:15 - 00001253 _____ C:\Windows\SysWOW64\Mdat_1.3.00.0907310.txt
2013-07-19 06:30 - 2009-05-26 14:32 - 00019968 _____ (ArcSoft, Inc.) C:\Windows\system32\Drivers\ArcSoftKsUFilter.sys
2013-07-19 06:30 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2013-07-19 06:30 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\SysWOW64\PCDLIB32.DLL
2013-07-19 06:28 - 2013-07-19 06:29 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:43 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-07-19 06:25 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-07-19 06:25 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00091928 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00068888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-07-19 06:25 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-07-19 06:25 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-07-19 06:25 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-07-19 06:25 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-07-19 06:24 - 2013-07-19 17:34 - 00547433 _____ C:\Windows\WindowsUpdate.log
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:22 - 2009-05-20 12:00 - 00055280 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2013-07-19 06:21 - 2013-07-19 06:25 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:21 - 2013-07-19 06:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys

==================== One Month Modified Files and Folders =======

2013-07-19 17:51 - 2013-07-19 17:51 - 00001181 _____ C:\Users\RW\Desktop\JRT.txt
2013-07-19 17:46 - 2013-07-19 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-19 17:45 - 2013-07-19 17:45 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\RW\Desktop\JRT.exe
2013-07-19 17:43 - 2013-07-19 09:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 17:43 - 2013-07-19 09:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 17:43 - 2009-07-14 19:58 - 00643866 _____ C:\Windows\system32\perfh007.dat
2013-07-19 17:43 - 2009-07-14 19:58 - 00126394 _____ C:\Windows\system32\perfc007.dat
2013-07-19 17:43 - 2009-07-14 07:13 - 01472002 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-19 17:43 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-19 17:43 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-19 17:38 - 2013-07-19 16:28 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-19 17:38 - 2013-07-19 06:24 - 00547433 _____ C:\Windows\WindowsUpdate.log
2013-07-19 17:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 17:35 - 2009-07-14 06:51 - 00023473 _____ C:\Windows\setupact.log
2013-07-19 17:34 - 2013-07-19 17:34 - 00001115 _____ C:\AdwCleaner[S3].txt
2013-07-19 17:34 - 2013-07-19 17:34 - 00000309 _____ C:\AdwCleaner[S2].txt
2013-07-19 17:34 - 2013-07-19 17:26 - 00001141 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 17:27 - 2013-07-19 06:49 - 00389082 _____ C:\Windows\PFRO.log
2013-07-19 17:27 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files\Google
2013-07-19 17:27 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 17:26 - 2013-07-19 17:26 - 00008277 _____ C:\AdwCleaner[S1].txt
2013-07-19 17:26 - 2013-07-19 17:26 - 00008209 _____ C:\AdwCleaner[R1].txt
2013-07-19 17:24 - 2013-07-19 17:24 - 00662345 _____ C:\Users\RW\Desktop\adwcleaner.exe
2013-07-19 17:19 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 17:17 - 2013-07-19 17:16 - 00000229 _____ C:\Users\RW\Desktop\Search.txt
2013-07-19 16:35 - 2013-07-19 16:34 - 00018407 _____ C:\Users\RW\Desktop\Addition.txt
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\Users\RW\Qtrax
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:33 - 2013-07-19 06:59 - 00000000 ____D C:\Users\RW
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:29 - 2013-07-19 16:29 - 00002371 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-19 16:29 - 2013-07-19 16:29 - 00002341 _____ C:\Users\RW\Desktop\Qtrax Player.lnk
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 09:35 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 09:26 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-07-19 09:24 - 2013-07-19 06:31 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 07:15 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-07-19 07:15 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-19 07:01 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-07-19 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-19 06:54 - 2009-08-19 04:17 - 00000000 ____D C:\Windows\Panther
2013-07-19 06:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:51 - 2009-07-14 06:46 - 00003043 _____ C:\Windows\DtcInstall.log
2013-07-19 06:50 - 2013-07-19 07:15 - 00000000 ____D C:\Program Files\Sony
2013-07-19 06:50 - 2009-08-18 20:12 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-07-19 06:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2013-07-19 06:49 - 2009-07-14 06:45 - 00377584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:48 - 2009-08-18 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-19 06:48 - 2009-08-18 18:56 - 00036014 _____ C:\Windows\DPINST.LOG
2013-07-19 06:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:47 - 2013-07-19 06:46 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:46 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:45 - 2013-07-19 06:20 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-07-19 06:43 - 2013-07-19 06:25 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:42 - 2009-08-18 20:11 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:38 - 2013-07-19 06:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:37 - 2013-07-19 06:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:35 - 2013-07-19 06:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:35 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:33 - 2009-07-14 04:34 - 00000435 _____ C:\Windows\win.ini
2013-07-19 06:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-07-19 06:29 - 2013-07-19 06:28 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2013-07-19 06:21 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:24 - 2013-07-19 06:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys
2013-07-19 06:20 - 2009-08-19 04:19 - 00000012 _____ C:\Windows\csup.txt
2013-07-19 06:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-19 06:17 - 2009-08-18 18:28 - 00003540 _____ C:\Windows\TSSysprep.log
2013-07-19 06:16 - 2009-08-18 18:58 - 00000000 ____D C:\Program Files\Apoint

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-08-18 18:25

==================== End Of Log ============================

--- --- ---

--- --- ---

und noch die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2013
Ran by RW at 2013-07-19 17:52:33
Running from C:\Users\RW\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.12.36)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.12.36)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Premiere Elements 7.0 (x32 Version: 7.0.1)
Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0)
Alps Pointing-device for VAIO
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.193)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Light (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center InstallProxy (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Localization All (x32 Version: 2009.0710.1127.18698)
CCC Help Chinese Standard (x32 Version: 2009.0720.2144.37243)
CCC Help Chinese Traditional (x32 Version: 2009.0720.2144.37243)
CCC Help Czech (x32 Version: 2009.0720.2144.37243)
CCC Help Danish (x32 Version: 2009.0720.2144.37243)
CCC Help Dutch (x32 Version: 2009.0720.2144.37243)
CCC Help English (x32 Version: 2009.0720.2144.37243)
CCC Help Finnish (x32 Version: 2009.0720.2144.37243)
CCC Help French (x32 Version: 2009.0720.2144.37243)
CCC Help German (x32 Version: 2009.0720.2144.37243)
CCC Help Greek (x32 Version: 2009.0720.2144.37243)
CCC Help Hungarian (x32 Version: 2009.0720.2144.37243)
CCC Help Italian (x32 Version: 2009.0720.2144.37243)
CCC Help Japanese (x32 Version: 2009.0720.2144.37243)
CCC Help Korean (x32 Version: 2009.0720.2144.37243)
CCC Help Norwegian (x32 Version: 2009.0720.2144.37243)
CCC Help Polish (x32 Version: 2009.0720.2144.37243)
CCC Help Portuguese (x32 Version: 2009.0720.2144.37243)
CCC Help Russian (x32 Version: 2009.0720.2144.37243)
CCC Help Spanish (x32 Version: 2009.0720.2144.37243)
CCC Help Swedish (x32 Version: 2009.0720.2144.37243)
CCC Help Thai (x32 Version: 2009.0720.2144.37243)
CCC Help Turkish (x32 Version: 2009.0720.2144.37243)
ccc-core-static (x32 Version: 2009.0710.1127.18698)
ccc-utility64 (Version: 2009.0710.1127.18698)
Choice Guard (x32 Version: 1.2.87.0)
Click to Disc (x32 Version: 1.2.70.06160)
Click to Disc Editor (x32 Version: 2.0.02)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.4518.1014)
Dolby Control Center (Version: 1.2.0702)
eaner (Version: 3.28)
Einstellungen für VAIO-Inhaltsüberwachung (x32 Version: 2.4.0.06120)
Intel® Matrix Storage Manager
Java(TM) 6 Update 14 (64-bit) (Version: 6.0.140)
Java(TM) 6 Update 14 (x32 Version: 6.0.140)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Works (x32 Version: 9.7.0621)
MSVCRT (x32 Version: 14.0.1468.721)
Music Transfer (x32 Version: 1.3.01.13160)
MusicStation (x32 Version: 1.2.2.180)
Norton Online Backup (x32 Version: 1.2.20.0)
Open It! (x32 Version: 1.1.1)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Primo (x32 Version: 1.00.0000)
Qtrax Connection Manager (HKCU Version: 20.13.07.02)
Qtrax Player (HKCU)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5886)
Regi (Version: 1.00.0000)
Roxio Central Audio (x32 Version: 3.8.0)
Roxio Central Copy (x32 Version: 3.8.0)
Roxio Central Core (x32 Version: 3.8.0)
Roxio Central Data (x32 Version: 3.8.0)
Roxio Central Tools (x32 Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (x32 Version: 10.3)
Roxio Easy Media Creator Home (x32 Version: 10.3.121)
Runtime (x32 Version: 1.00.0000)
Setting Utility Series (x32 Version: 5.0.0.07300)
Skype™ 4.0 (x32 Version: 4.0.227)
Sony Home Network Library (x32 Version: 2.0.0.07280)
Sony Picture Utility (x32 Version: 4.2.12.16210)
Super Lyrics (x32)
Unterstützung für VAIO-Präsentation (x32 Version: 2.0.0.05270)
Update for Zip Opener (HKCU)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260)
VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06260)
VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180)
VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120)
VAIO Control Center (x32 Version: 4.0.0.06120)
VAIO Data Restore Tool (x32 Version: 1.1.01.06290)
VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130)
VAIO Energie Verwaltung (x32 Version: 4.0.0.07160)
VAIO Entertainment Platform (x32 Version: 3.5.0.07230)
VAIO Event Service (x32 Version: 5.0.0.07010)
VAIO FW screensaver (x32 Version: 1.0.0.0)
VAIO Gate (x32 Version: 1.0.0.08050)
VAIO Marketing Tools (x32)
VAIO Media plus (x32 Version: 2.0.0.07280)
VAIO Media plus Opening Movie (x32 Version: 1.2.0.09100)
VAIO Movie Story (x32 Version: 1.5.00.06191)
VAIO Movie Story Template Data (x32 Version: 1.5.00.06010)
VAIO Original Function Settings (x32 Version: 2.0.0.07010)
VAIO Original Funktion Einstellungen (x32 Version: 2.0.0.07010)
VAIO Premium Partners 1.00 (x32)
VAIO Smart Network (x32 Version: 3.0.0.08120)
VAIO Update 4 (x32 Version: 4.2.0.07300)
VAIO Wallpaper Contents (x32 Version: 2.0.0.06010)
VAIO-Support für Übertragungen (x32 Version: 1.0.0.07290)
VD64Inst (Version: 1.00.0000)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Anmelde-Assistent (x32 Version: 5.000.817.1)
Windows Live Call (x32 Version: 14.0.8050.1202)
Windows Live Communications Platform (x32 Version: 14.0.8050.1202)
Windows Live Essentials (x32 Version: 14.0.8050.1202)
Windows Live Messenger (x32 Version: 14.0.8050.1202)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinDVD BD for VAIO (x32 Version: 8.0.20.79)
Zip Opener Packages (HKCU)
Zip Opener Packages 87 (HKCU)

==================== Restore Points  =========================

19-07-2013 07:26:04 Installed Sophos Anti-Virus
19-07-2013 07:26:39 Installed Sophos AutoUpdate
19-07-2013 07:36:49 Windows Update
19-07-2013 07:43:01 Windows Update
19-07-2013 15:44:15 Removed Sophos AutoUpdate

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-19 09:42 - 00450371 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {18871FF2-164F-4AD7-9ED6-0D22B336E985} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2009-08-05] (Sony Corporation)
Task: {1B3C4044-97BC-4F86-BF14-2BF30D500B07} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {4F819418-A0D5-4B34-B707-CF05F233DBAE} - System32\Tasks\Super Lyrics Update => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe No File
Task: {727D0B22-4269-42A9-A3BC-102DADBC633B} - System32\Tasks\SONY\VAIO Recovery Center\VAIO Reminder => C:\Program Files (x86)\Sony\VAIO Reminder\VAIOReminder.exe [2009-07-27] (Sony Corporation)
Task: {88991D28-B7F2-44E2-AD04-CF9B1D19A728} - System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {8FF2658B-1144-4605-9195-6F5F1748A4F8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {A300329A-9685-43FF-86A0-AC8BBAD709F8} - System32\Tasks\DealPly => C:\Users\RW\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {AB222130-C0E9-4BFD-8464-3331F95BE047} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {AD10A1E9-2F90-4807-B668-488C750A0B6D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {BA3FBE3A-2750-482F-BD0A-D26689C668E6} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
Task: {CDC96CD0-0F95-4FA0-B97B-A7C73D081E99} - System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {FE49DD07-4364-4BA1-9840-540FA8BF2CFE} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: C:\Windows\Tasks\Super Lyrics Update.job => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 4063.02 MB
Available physical RAM: 2747.6 MB
Total Pagefile: 8124.2 MB
Available Pagefile: 6555.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:229.96 GB) (Free:205.72 GB) NTFS (Disk=0 Partition=3)
Drive d: (Daten) (Fixed) (Total:224.61 GB) (Free:190.84 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 353D0CB4)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=OF Extended)

==================== End Of Log ============================

Da hat sich schon einiges getan...

Hallo,

ich habe inzwischen mal mit Spybot geprüft und insgesamt 14 Probleme gefunden:
DeltaToolbar (4 x in der Registry)
QTrax (9 Einträge)
RightMedia (1 Cookie)

Soll ich löschen oder hast du einen anderen Vorschlag?

schrauber · 19.07.2013, 20:09

Löschen, zeig mir das Log dann.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte.

Mike12 · 22.07.2013, 18:51

Hallo,

ich war einige Tage offline...hier das Logfile vom ESET-Scan:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a3956b4b3ffdea49856b280abb008ccc
# engine=14494
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-22 05:33:26
# local_time=2013-07-22 07:33:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=5893 16776573 100 94 0 126920077 0 0
# scanned=151464
# found=3
# cleaned=0
# scan_time=2794
sh=33C939CDA5080E64858FCD1009953B586AA3FD45 ft=1 fh=2c11f21f1e6fc743 vn="a variant of Win32/Adware.AddLyrics.I application" ac=I fn="C:\Users\RW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YK8R1XB6\SuperLyrics_1060-2024_v122[1]"
sh=33C939CDA5080E64858FCD1009953B586AA3FD45 ft=1 fh=2c11f21f1e6fc743 vn="a variant of Win32/Adware.AddLyrics.I application" ac=I fn="C:\Users\RW\AppData\Local\Temp\SLupd.exe"
sh=87E041AE95745EF00E495B8EC0F2C1AF1BB973AC ft=1 fh=f2520af334832d0f vn="a variant of Win32/Adware.AddLyrics.I application" ac=I fn="C:\Users\RW\AppData\Local\Temp\is357113909\SuperLyrics_1060-2024_v116.exe"

hier das Ergebnis vom SecurityCheck:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.70  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Java(TM) 6 Update 14  
 Java version out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Reader 9 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

und hier FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by RW (administrator) on 22-07-2013 19:49:31
Running from C:\Users\RW\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo) c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Sophos Plc) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sophos Plc) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-18] (Sun Microsystems, Inc.)
HKCU\...\Run: [QtraxNotification] - C:\Users\RW\Qtrax\Player\Notification.exe [x]
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [148888 2009-08-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] - "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [538472 2009-06-17] (Symantec Corporation)
HKLM-x32\...\Run: [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2013-07-19] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sophos AutoUpdate Monitor.lnk
ShortcutTarget: Sophos AutoUpdate Monitor.lnk -> C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {2836DF67-69C4-4079-A2EF-3AE9ED076131} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {67E027F9-491D-4552-9C9D-DE1726B7FC5E} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {B712BDD9-D446-414E-A7A9-1BB225B65ED3} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files (x86)\Super_Lyrics\124.dll No File
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.42.43.62 82.212.62.62

Chrome: 
=======
CHR Extension: (Super Lyrics) - C:\Users\RW\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.116

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [175144 2009-09-04] (Sophos Plc)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 19:45 - 2013-07-22 19:45 - 00891062 _____ C:\Users\RW\Desktop\SecurityCheck.exe
2013-07-19 19:47 - 2013-07-19 19:47 - 00001358 _____ C:\AdwCleaner[S4].txt
2013-07-19 19:46 - 2013-07-19 19:46 - 00001283 _____ C:\AdwCleaner[R2].txt
2013-07-19 19:41 - 2013-07-19 19:41 - 00000348 _____ C:\Windows\wininit.ini
2013-07-19 18:07 - 2013-07-19 18:07 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-19 17:51 - 2013-07-19 17:51 - 00001181 _____ C:\Users\RW\Desktop\JRT.txt
2013-07-19 17:46 - 2013-07-19 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-19 17:45 - 2013-07-19 17:45 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\RW\Desktop\JRT.exe
2013-07-19 17:34 - 2013-07-19 17:34 - 00001115 _____ C:\AdwCleaner[S3].txt
2013-07-19 17:34 - 2013-07-19 17:34 - 00000309 _____ C:\AdwCleaner[S2].txt
2013-07-19 17:26 - 2013-07-19 19:47 - 00001308 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 17:26 - 2013-07-19 17:26 - 00008277 _____ C:\AdwCleaner[S1].txt
2013-07-19 17:26 - 2013-07-19 17:26 - 00008209 _____ C:\AdwCleaner[R1].txt
2013-07-19 17:24 - 2013-07-19 17:24 - 00662345 _____ C:\Users\RW\Desktop\adwcleaner.exe
2013-07-19 17:16 - 2013-07-19 17:17 - 00000229 _____ C:\Users\RW\Desktop\Search.txt
2013-07-19 16:35 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-19 16:34 - 2013-07-19 17:52 - 00012713 _____ C:\Users\RW\Desktop\Addition.txt
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:28 - 2013-07-22 18:38 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 09:43 - 2010-01-09 09:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-07-19 09:43 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-07-19 09:42 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-19 09:42 - 2012-02-15 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-19 09:42 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-19 09:42 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130719-094223.backup
2013-07-19 09:37 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 09:37 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-19 09:37 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 09:37 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 09:37 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 09:37 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 09:30 - 2013-07-19 18:08 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 09:30 - 2013-07-19 17:19 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:28 - 2013-07-19 18:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 09:28 - 2013-07-19 18:11 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 07:15 - 2013-07-19 06:50 - 00000000 ____D C:\Program Files\Sony
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-22 19:30 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 19:41 - 00000000 ____D C:\Users\RW
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-19 06:59 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:49 - 2013-07-19 19:48 - 00390538 _____ C:\Windows\PFRO.log
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:46 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2009-07-20 22:03 - 00000008 _____ C:\Windows\SysWOW64\FW_version.txt
2013-07-19 06:43 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-19 06:42 - 2009-07-01 11:49 - 00098304 _____ (Sony Corporation) C:\Windows\SysWOW64\VESWinlogon.dll
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2009-05-21 02:56 - 00072176 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2013-07-19 06:39 - 2009-05-15 12:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2013-07-19 06:39 - 2009-05-11 20:42 - 00133616 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:36 - 2013-07-19 06:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:34 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:31 - 2013-07-19 09:24 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 06:30 - 2013-07-19 17:27 - 00000000 ____D C:\Program Files\Google
2013-07-19 06:30 - 2013-07-19 17:27 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 06:30 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:30 - 2009-08-03 22:15 - 00002835 _____ C:\Windows\SysWOW64\McOEMAppRules.dat
2013-07-19 06:30 - 2009-08-03 22:15 - 00001253 _____ C:\Windows\SysWOW64\Mdat_1.3.00.0907310.txt
2013-07-19 06:30 - 2009-05-26 14:32 - 00019968 _____ (ArcSoft, Inc.) C:\Windows\system32\Drivers\ArcSoftKsUFilter.sys
2013-07-19 06:30 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2013-07-19 06:30 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\SysWOW64\PCDLIB32.DLL
2013-07-19 06:28 - 2013-07-19 06:29 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:43 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-07-19 06:25 - 2007-01-08 15:30 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-07-19 06:25 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-07-19 06:25 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-07-19 06:25 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-19 06:25 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00091928 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-07-19 06:25 - 2006-09-28 16:04 - 00068888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-07-19 06:25 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-07-19 06:25 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-07-19 06:25 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-07-19 06:25 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-07-19 06:25 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-19 06:25 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-07-19 06:25 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-07-19 06:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-07-19 06:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-07-19 06:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-07-19 06:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-07-19 06:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-07-19 06:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-07-19 06:24 - 2013-07-22 19:01 - 01829013 _____ C:\Windows\WindowsUpdate.log
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:22 - 2009-05-20 12:00 - 00055280 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2013-07-19 06:21 - 2013-07-19 06:25 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:21 - 2013-07-19 06:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys

==================== One Month Modified Files and Folders =======

2013-07-22 19:45 - 2013-07-22 19:45 - 00891062 _____ C:\Users\RW\Desktop\SecurityCheck.exe
2013-07-22 19:30 - 2013-07-19 07:01 - 00004270 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C}
2013-07-22 19:01 - 2013-07-19 06:24 - 01829013 _____ C:\Windows\WindowsUpdate.log
2013-07-22 18:45 - 2009-07-14 19:58 - 00643866 _____ C:\Windows\system32\perfh007.dat
2013-07-22 18:45 - 2009-07-14 19:58 - 00126394 _____ C:\Windows\system32\perfc007.dat
2013-07-22 18:45 - 2009-07-14 07:13 - 01472002 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-22 18:45 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 18:45 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 18:42 - 2009-07-14 06:51 - 00024436 _____ C:\Windows\setupact.log
2013-07-22 18:38 - 2013-07-19 16:28 - 00000394 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-22 18:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 19:48 - 2013-07-19 06:49 - 00390538 _____ C:\Windows\PFRO.log
2013-07-19 19:47 - 2013-07-19 19:47 - 00001358 _____ C:\AdwCleaner[S4].txt
2013-07-19 19:47 - 2013-07-19 17:26 - 00001308 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 19:46 - 2013-07-19 19:46 - 00001283 _____ C:\AdwCleaner[R2].txt
2013-07-19 19:41 - 2013-07-19 19:41 - 00000348 _____ C:\Windows\wininit.ini
2013-07-19 19:41 - 2013-07-19 06:59 - 00000000 ____D C:\Users\RW
2013-07-19 18:49 - 2013-07-19 09:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-19 18:11 - 2013-07-19 09:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-19 18:08 - 2013-07-19 09:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 18:07 - 2013-07-19 18:07 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-07-19 17:52 - 2013-07-19 16:34 - 00012713 _____ C:\Users\RW\Desktop\Addition.txt
2013-07-19 17:51 - 2013-07-19 17:51 - 00001181 _____ C:\Users\RW\Desktop\JRT.txt
2013-07-19 17:46 - 2013-07-19 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-19 17:45 - 2013-07-19 17:45 - 00559341 _____ (Oleg N. Scherbakov) C:\Users\RW\Desktop\JRT.exe
2013-07-19 17:34 - 2013-07-19 17:34 - 00001115 _____ C:\AdwCleaner[S3].txt
2013-07-19 17:34 - 2013-07-19 17:34 - 00000309 _____ C:\AdwCleaner[S2].txt
2013-07-19 17:27 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files\Google
2013-07-19 17:27 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-19 17:26 - 2013-07-19 17:26 - 00008277 _____ C:\AdwCleaner[S1].txt
2013-07-19 17:26 - 2013-07-19 17:26 - 00008209 _____ C:\AdwCleaner[R1].txt
2013-07-19 17:24 - 2013-07-19 17:24 - 00662345 _____ C:\Users\RW\Desktop\adwcleaner.exe
2013-07-19 17:19 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Local\Google
2013-07-19 17:17 - 2013-07-19 17:16 - 00000229 _____ C:\Users\RW\Desktop\Search.txt
2013-07-19 16:33 - 2013-07-19 16:33 - 00000000 ____D C:\FRST
2013-07-19 16:32 - 2013-07-19 16:32 - 01778207 _____ (Farbar) C:\Users\RW\Desktop\FRST64.exe
2013-07-19 16:29 - 2013-07-19 16:29 - 00003778 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-19 16:28 - 2013-07-19 16:28 - 00003480 _____ C:\Windows\System32\Tasks\DealPly
2013-07-19 16:28 - 2013-07-19 16:28 - 00003360 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-07-19 16:28 - 2013-07-19 16:28 - 00003036 _____ C:\Windows\System32\Tasks\Super Lyrics Update
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Users\RW\AppData\Roaming\Zip Opener Packages
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 16:28 - 2013-07-19 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 16:27 - 2013-07-19 16:27 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Users\RW\AppData\Roaming\Macromedia
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-19 16:27 - 2013-07-19 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 16:26 - 2013-07-19 16:26 - 00793536 _____ C:\Users\RW\Desktop\ZipOpenerSetup.exe
2013-07-19 16:22 - 2013-07-19 16:22 - 00000000 ____D C:\Users\RW\AppData\Roaming\Adobe
2013-07-19 09:42 - 2009-07-14 04:34 - 00450371 ____R C:\Windows\system32\Drivers\etc\hosts.20130719-185023.backup
2013-07-19 09:35 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-19 09:30 - 2013-07-19 09:30 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-19 09:30 - 2013-07-19 09:30 - 00000000 ____D C:\Users\RW\AppData\Roaming\Google
2013-07-19 09:26 - 2013-07-19 09:26 - 00000000 ____D C:\ProgramData\Sophos
2013-07-19 09:26 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-07-19 09:24 - 2013-07-19 06:31 - 00000000 ____D C:\ProgramData\McAfee
2013-07-19 07:15 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-07-19 07:15 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-07-19 07:02 - 2013-07-19 07:02 - 00000355 _____ C:\Users\RW\Desktop\Computer.lnk
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Roaming\ATI
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\Sony_Corporation
2013-07-19 07:01 - 2013-07-19 07:01 - 00000000 ____D C:\Users\RW\AppData\Local\ATI
2013-07-19 07:00 - 2013-07-19 07:00 - 00090992 _____ C:\Users\RW\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 07:00 - 2013-07-19 07:00 - 00031480 _____ C:\Windows\ie8_main.log
2013-07-19 07:00 - 2013-07-19 07:00 - 00001439 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00001405 _____ C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VGN-FW54M.mrk
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___RD C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Roaming\Sony Corporation
2013-07-19 07:00 - 2013-07-19 07:00 - 00000000 ____D C:\Users\RW\AppData\Local\VirtualStore
2013-07-19 06:59 - 2013-07-19 06:59 - 00000020 ___SH C:\Users\RW\ntuser.ini
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\RW\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Programme
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-19 06:59 - 2013-07-19 06:59 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-19 06:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-07-19 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-19 06:54 - 2009-08-19 04:17 - 00000000 ____D C:\Windows\Panther
2013-07-19 06:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-19 06:51 - 2013-07-19 06:51 - 00004358 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2013-07-19 06:51 - 2009-07-14 06:46 - 00003043 _____ C:\Windows\DtcInstall.log
2013-07-19 06:50 - 2013-07-19 07:15 - 00000000 ____D C:\Program Files\Sony
2013-07-19 06:50 - 2009-08-18 20:12 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-07-19 06:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2013-07-19 06:49 - 2009-07-14 06:45 - 00377584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\Documentation
2013-07-19 06:48 - 2013-07-19 06:48 - 00000000 ____D C:\_FS_SWRINFO
2013-07-19 06:48 - 2009-08-18 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-19 06:48 - 2009-08-18 18:56 - 00036014 _____ C:\Windows\DPINST.LOG
2013-07-19 06:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-19 06:47 - 2013-07-19 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-19 06:47 - 2013-07-19 06:46 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-19 06:46 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-19 06:45 - 2013-07-19 06:45 - 00196608 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2013-07-19 06:45 - 2013-07-19 06:45 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\VAIO FW screensavers
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 ____D C:\Program Files (x86)\Sony Corporation
2013-07-19 06:45 - 2013-07-19 06:45 - 00000000 _____ C:\Windows\VAIOUpdt.INI
2013-07-19 06:45 - 2013-07-19 06:30 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-07-19 06:45 - 2013-07-19 06:20 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-19 06:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-07-19 06:43 - 2013-07-19 06:25 - 00174874 _____ C:\Windows\DirectX.log
2013-07-19 06:42 - 2009-08-18 20:11 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-07-19 06:40 - 2013-07-19 06:40 - 00001372 _____ C:\Windows\xpsp1hfm.log
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Uninstall
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Sonic
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files\Roxio
2013-07-19 06:40 - 2013-07-19 06:40 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\ProgramData\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Symantec
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\MusicStation
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-19 06:39 - 2013-07-19 06:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-19 06:38 - 2013-07-19 06:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-19 06:37 - 2013-07-19 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-07-19 06:37 - 2013-07-19 06:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-19 06:35 - 2013-07-19 06:35 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 06:35 - 2013-07-19 06:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 06:35 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2013-07-19 06:34 - 2013-07-19 06:34 - 00000000 __RHD C:\MSOCache
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-19 06:33 - 2009-07-14 04:34 - 00000435 _____ C:\Windows\win.ini
2013-07-19 06:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-07-19 06:29 - 2013-07-19 06:28 - 00000187 _____ C:\Installer_Setup.log
2013-07-19 06:28 - 2013-07-19 06:28 - 00000000 ____D C:\ProgramData\ATI
2013-07-19 06:27 - 2013-07-19 06:27 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2013-07-19 06:27 - 2013-07-19 06:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-07-19 06:26 - 2013-07-19 06:26 - 00000000 ____D C:\Program Files (x86)\InterVideo
2013-07-19 06:25 - 2013-07-19 06:25 - 00489182 _____ C:\vcredist_x86.log
2013-07-19 06:25 - 2013-07-19 06:25 - 00000000 ____D C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2013-07-19 06:25 - 2013-07-19 06:21 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 06:24 - 2013-07-19 06:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-19 06:24 - 2013-07-19 06:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-19 06:20 - 2013-07-19 06:20 - 00000000 ____D C:\Windows\Sonysys
2013-07-19 06:20 - 2009-08-19 04:19 - 00000012 _____ C:\Windows\csup.txt
2013-07-19 06:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-19 06:17 - 2009-08-18 18:28 - 00003540 _____ C:\Windows\TSSysprep.log
2013-07-19 06:16 - 2009-08-18 18:58 - 00000000 ____D C:\Program Files\Apoint

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-08-18 18:25

==================== End Of Log ============================

--- --- ---

--- --- ---

und die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2013
Ran by RW at 2013-07-22 19:49:58
Running from C:\Users\RW\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.12.36)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.12.36)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Premiere Elements 7.0 (x32 Version: 7.0.1)
Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0)
Alps Pointing-device for VAIO
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.193)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Light (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center InstallProxy (x32 Version: 2009.0710.1127.18698)
Catalyst Control Center Localization All (x32 Version: 2009.0710.1127.18698)
CCC Help Chinese Standard (x32 Version: 2009.0720.2144.37243)
CCC Help Chinese Traditional (x32 Version: 2009.0720.2144.37243)
CCC Help Czech (x32 Version: 2009.0720.2144.37243)
CCC Help Danish (x32 Version: 2009.0720.2144.37243)
CCC Help Dutch (x32 Version: 2009.0720.2144.37243)
CCC Help English (x32 Version: 2009.0720.2144.37243)
CCC Help Finnish (x32 Version: 2009.0720.2144.37243)
CCC Help French (x32 Version: 2009.0720.2144.37243)
CCC Help German (x32 Version: 2009.0720.2144.37243)
CCC Help Greek (x32 Version: 2009.0720.2144.37243)
CCC Help Hungarian (x32 Version: 2009.0720.2144.37243)
CCC Help Italian (x32 Version: 2009.0720.2144.37243)
CCC Help Japanese (x32 Version: 2009.0720.2144.37243)
CCC Help Korean (x32 Version: 2009.0720.2144.37243)
CCC Help Norwegian (x32 Version: 2009.0720.2144.37243)
CCC Help Polish (x32 Version: 2009.0720.2144.37243)
CCC Help Portuguese (x32 Version: 2009.0720.2144.37243)
CCC Help Russian (x32 Version: 2009.0720.2144.37243)
CCC Help Spanish (x32 Version: 2009.0720.2144.37243)
CCC Help Swedish (x32 Version: 2009.0720.2144.37243)
CCC Help Thai (x32 Version: 2009.0720.2144.37243)
CCC Help Turkish (x32 Version: 2009.0720.2144.37243)
ccc-core-static (x32 Version: 2009.0710.1127.18698)
ccc-utility64 (Version: 2009.0710.1127.18698)
Choice Guard (x32 Version: 1.2.87.0)
Click to Disc (x32 Version: 1.2.70.06160)
Click to Disc Editor (x32 Version: 2.0.02)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.4518.1014)
Dolby Control Center (Version: 1.2.0702)
eaner (Version: 3.28)
Einstellungen für VAIO-Inhaltsüberwachung (x32 Version: 2.4.0.06120)
Intel® Matrix Storage Manager
Java(TM) 6 Update 14 (64-bit) (Version: 6.0.140)
Java(TM) 6 Update 14 (x32 Version: 6.0.140)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Works (x32 Version: 9.7.0621)
MSVCRT (x32 Version: 14.0.1468.721)
Music Transfer (x32 Version: 1.3.01.13160)
MusicStation (x32 Version: 1.2.2.180)
Norton Online Backup (x32 Version: 1.2.20.0)
Open It! (x32 Version: 1.1.1)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Primo (x32 Version: 1.00.0000)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5886)
Regi (Version: 1.00.0000)
Roxio Central Audio (x32 Version: 3.8.0)
Roxio Central Copy (x32 Version: 3.8.0)
Roxio Central Core (x32 Version: 3.8.0)
Roxio Central Data (x32 Version: 3.8.0)
Roxio Central Tools (x32 Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (x32 Version: 10.3)
Roxio Easy Media Creator Home (x32 Version: 10.3.121)
Runtime (x32 Version: 1.00.0000)
Setting Utility Series (x32 Version: 5.0.0.07300)
Skype™ 4.0 (x32 Version: 4.0.227)
Sony Home Network Library (x32 Version: 2.0.0.07280)
Sony Picture Utility (x32 Version: 4.2.12.16210)
Sophos AutoUpdate (x32 Version: 2.5.4)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Super Lyrics (x32)
Unterstützung für VAIO-Präsentation (x32 Version: 2.0.0.05270)
Update for Zip Opener (HKCU)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260)
VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06260)
VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180)
VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120)
VAIO Control Center (x32 Version: 4.0.0.06120)
VAIO Data Restore Tool (x32 Version: 1.1.01.06290)
VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130)
VAIO Energie Verwaltung (x32 Version: 4.0.0.07160)
VAIO Entertainment Platform (x32 Version: 3.5.0.07230)
VAIO Event Service (x32 Version: 5.0.0.07010)
VAIO FW screensaver (x32 Version: 1.0.0.0)
VAIO Gate (x32 Version: 1.0.0.08050)
VAIO Marketing Tools (x32)
VAIO Media plus (x32 Version: 2.0.0.07280)
VAIO Media plus Opening Movie (x32 Version: 1.2.0.09100)
VAIO Movie Story (x32 Version: 1.5.00.06191)
VAIO Movie Story Template Data (x32 Version: 1.5.00.06010)
VAIO Original Function Settings (x32 Version: 2.0.0.07010)
VAIO Original Funktion Einstellungen (x32 Version: 2.0.0.07010)
VAIO Premium Partners 1.00 (x32)
VAIO Smart Network (x32 Version: 3.0.0.08120)
VAIO Update 4 (x32 Version: 4.2.0.07300)
VAIO Wallpaper Contents (x32 Version: 2.0.0.06010)
VAIO-Support für Übertragungen (x32 Version: 1.0.0.07290)
VD64Inst (Version: 1.00.0000)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Anmelde-Assistent (x32 Version: 5.000.817.1)
Windows Live Call (x32 Version: 14.0.8050.1202)
Windows Live Communications Platform (x32 Version: 14.0.8050.1202)
Windows Live Essentials (x32 Version: 14.0.8050.1202)
Windows Live Messenger (x32 Version: 14.0.8050.1202)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinDVD BD for VAIO (x32 Version: 8.0.20.79)
Zip Opener Packages (HKCU)
Zip Opener Packages 87 (HKCU)

==================== Restore Points  =========================

19-07-2013 07:26:04 Installed Sophos Anti-Virus
19-07-2013 07:26:39 Installed Sophos AutoUpdate
19-07-2013 07:36:49 Windows Update
19-07-2013 07:43:01 Windows Update
19-07-2013 15:44:15 Removed Sophos AutoUpdate
19-07-2013 16:07:04 Installed Sophos Anti-Virus
19-07-2013 16:07:27 Installed Sophos AutoUpdate

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-19 18:50 - 00450371 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {06B9F129-8164-4DCB-B18F-2BEE50873908} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {18871FF2-164F-4AD7-9ED6-0D22B336E985} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2009-08-05] (Sony Corporation)
Task: {1B3C4044-97BC-4F86-BF14-2BF30D500B07} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {4F819418-A0D5-4B34-B707-CF05F233DBAE} - System32\Tasks\Super Lyrics Update => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe No File
Task: {727D0B22-4269-42A9-A3BC-102DADBC633B} - System32\Tasks\SONY\VAIO Recovery Center\VAIO Reminder => C:\Program Files (x86)\Sony\VAIO Reminder\VAIOReminder.exe [2009-07-27] (Sony Corporation)
Task: {88991D28-B7F2-44E2-AD04-CF9B1D19A728} - System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {A300329A-9685-43FF-86A0-AC8BBAD709F8} - System32\Tasks\DealPly => C:\Users\RW\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {AB222130-C0E9-4BFD-8464-3331F95BE047} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {BA3FBE3A-2750-482F-BD0A-D26689C668E6} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
Task: {CDC96CD0-0F95-4FA0-B97B-A7C73D081E99} - System32\Tasks\User_Feed_Synchronization-{F2328C33-FB83-4F51-A886-B0D5FB051D6C} => C:\Windows\system32\msfeedssync.exe [2009-07-14] (Microsoft Corporation)
Task: {CF4AF30E-72B4-43C7-B3E8-99B5F79BBA7A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {FE49DD07-4364-4BA1-9840-540FA8BF2CFE} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: C:\Windows\Tasks\Super Lyrics Update.job => C:\Program Files (x86)\Super_Lyrics\SuperLupdater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2013 07:40:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (07/22/2013 06:44:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (07/22/2013 06:44:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (07/22/2013 06:38:50 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 07:48:53 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (07/19/2013 05:56:12 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)


System errors:
=============
Error: (07/22/2013 06:38:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/22/2013 06:38:08 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/22/2013 06:38:08 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/19/2013 07:48:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/19/2013 07:48:15 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/19/2013 07:48:15 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/19/2013 06:09:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sophos AutoUpdate Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/19/2013 06:07:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sophos AutoUpdate Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/19/2013 05:55:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (07/19/2013 05:55:35 PM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 4063.02 MB
Available physical RAM: 2510.93 MB
Total Pagefile: 8124.2 MB
Available Pagefile: 6315.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:229.96 GB) (Free:202.13 GB) NTFS (Disk=0 Partition=3)
Drive d: (Daten) (Fixed) (Total:224.61 GB) (Free:190.84 GB) NTFS (Disk=0 Partition=4)
Drive h: (CORSAIR) (Removable) (Total:3.76 GB) (Free:3.75 GB) FAT32 (Disk=3 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 353D0CB4)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=OF Extended)

========================================================
Disk: 3 (Size: 4 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

schrauber · 22.07.2013, 20:24

Java, Adobe Reader und Flash updaten. Windows updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Mike12 · 23.07.2013, 20:52

Hallo,

das sieht wieder gut aus auf meinem Rechner, besten Dank für deine Hilfe!
Bei der Sicherheitssoftware ist auch Neues für mich dabei, da werde ich mir noch einiges zu Gemüte führen.

schrauber · 23.07.2013, 21:12

Gern Geschehen

23.07.2013, 21:12	#10
schrauber /// the machine /// TB-Ausbilder	Computer gesperrt, Bundespolizei Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Computer gesperrt, Bundespolizei

Plagegeister aller Art und deren Bekämpfung: Computer gesperrt, Bundespolizei