|
Log-Analyse und Auswertung: Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.AWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
19.09.2013, 20:03 | #1 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Hallo,... Habe einen Windows7 Laptop mit 1 Jahr Seit 7 Tagen hatte ich jetzt ein Problem mit meinen Computer,.. Meine Internetseiten brauchten Ultralange bis ich Seiten Öffnen konnte und bei meinem Schulforum kam zuerst eine Weise seite mit Untereinandergeschriebenen Tabs und erst nach 2 Minuten wartezeit die Richtige Seite wie sie Ursprünglich Aussah. Da mir das etwas Komisch Vorkam habe ich einen Totalscan mit Avast durchgeführt wie jede woche und es wurden 8 Dateien gefunden die ich nicht Löschen konnte... Bitguard, BrowserDefender...usw. Dank eines sehr guten Freundes habe ich mir jetzt adwcleaner.exe / JRT.exe / mbam-setup-1.75.o.1300.exe und HitmanPro_x64.exe Heruntergeladen Über TeamViewer hat er mir dann alles geregelt...Und Erklrät was ich machen muss... mit adwcleaner habe ich die Dateien zum Glück endlich Löschen können es waren wie er sagte PUP Vieren einer art Spionagezelle die schon gestreut hat. Danach habe ich JRT.exe laufen lassen der mir ebenfalls nochmal einiges gelöscht hat... Als ich dann mbam laufen lies wurde mir Angezeigt das ich 1 Trojana.P2P.Worm im Download JRT.exe habe und 2 PUP Dateien gefunden hat. mit mbam haben wir alle 3 Dateien gelöscht. Danach wurde mit mbam wieder ein Totalscan durchgeführt,... Mitlerweile sind es 4 PUP Vieren und ein Trojana... Die wir Ebenfalls gelöscht haben... Allerdings stehen diese Dateien immer noch in dem Quarantäne-Ordner Ich hab nochmal alles Durchlaufen lassen und es wurde nichts mehr gefunden oder gelöscht... Jedoch braucht mein Firefox immer noch knapp 3 Minuten um NUR Google aufzurufen und für andere Seiten Ebenfalls sehr Lange.... Videos von Youtube oder Facebook oder dergleichen kann ich mir auch nicht mehr ansehen,... Entweder es Läd gar nicht egal was ich drehe und wende oder es Läuft im 5 Minutentakt nur 7 Sekunden des Films ab... Sprich 5min warten 7 Sek sehen 5min warten 7 sek sehen.... usw. Er weiß sich da auch nicht mehr zu helfen,... Kann es sein das eines davon meine Datenbank Zerstört hat? Bin nur noch am Verzweifeln weil ich so ein Ähnliches Problem auf meinen 5 Jahrealten Laptop auch hatte und den Wegschmeißen konnte weil den selbst die Herstellungsfirma nichtmehr einschalten konnte ausser bis zum weißen Bildschirm.... Deshalb hier meine Frage was kann ich machen damit es wieder Normal und ohne das ich mich Sorgen muss läuft???? Danke schonmal im Vorraus |
19.09.2013, 21:24 | #2 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
19.09.2013, 22:49 | #3 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Ich musste ihn 2 mal Herunterladen,... da er nur zur hälfe der bite geladen war ist das Normal? Hatte das auch schon bei den anderen?!?!
__________________FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01 Ran by sony (administrator) on SONY-VAIO on 19-09-2013 22:40:56 Running from C:\Users\sony\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvservice.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) MountPoints2: {a6ef43b4-dd8f-11e2-b446-ccaf78d710dc} - E:\.\Autorun.exe AUTORUN=1 HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to the Sony VAIO portal HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. Google HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {ED750B88-5D18-47EC-B2F7-C5CF1ABBE10A} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {F321BC81-03DF-4EFA-A970-08DEB7E612EB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{A8C3EAB9-2727-486B-BEC2-2CF6C233B775}: [NameServer]212.23.115.148 212.23.115.132 FireFox: ======== FF ProfilePath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default FF NewTab: hxxp://www.google.com/firefox FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-09-19] () R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-09-17] (SurfRight B.V.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] () R3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2013-06-25] (Huawei Tech. Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 22:35 - 2013-09-19 22:40 - 01950622 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-17 21:55 - 2013-09-17 21:56 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:20 - 2013-09-17 00:57 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-16 22:48 - 2013-09-16 23:12 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 22:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:07 - 2013-09-16 18:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 00:53 - 2013-09-16 01:27 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-16 00:35 - 2013-09-15 14:52 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-16 00:18 - 2013-09-17 00:16 - 00019480 _____ C:\Windows\PFRO.log 2013-09-15 23:56 - 2013-09-16 00:00 - 00000000 ____D C:\AdwCleaner 2013-09-15 23:15 - 2013-09-15 23:23 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 22:37 - 2013-09-15 23:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 22:35 - 2013-09-15 23:22 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:28 - 2013-09-15 22:32 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 10:46 - 2013-09-15 10:50 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-12 16:49 - 2013-09-19 17:01 - 00000392 _____ C:\Windows\setupact.log 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-12 16:39 - 2013-09-19 22:37 - 00361959 _____ C:\Windows\WindowsUpdate.log ==================== One Month Modified Files and Folders ======= 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 22:40 - 2013-09-19 22:35 - 01950622 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-19 22:37 - 2013-09-12 16:39 - 00361959 _____ C:\Windows\WindowsUpdate.log 2013-09-19 22:16 - 2013-06-26 17:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-19 17:09 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-19 17:09 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-19 17:07 - 2013-06-25 12:09 - 00696870 _____ C:\Windows\system32\perfh007.dat 2013-09-19 17:07 - 2013-06-25 12:09 - 00148134 _____ C:\Windows\system32\perfc007.dat 2013-09-19 17:07 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-19 17:02 - 2013-06-26 08:12 - 00000000 ____D C:\Update 2013-09-19 17:02 - 2013-06-25 11:26 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-19 17:01 - 2013-09-12 16:49 - 00000392 _____ C:\Windows\setupact.log 2013-09-19 17:01 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-19 17:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-19 16:54 - 2013-06-25 19:04 - 00000000 ____D C:\Users\sony\AppData\Roaming\Skype 2013-09-19 04:18 - 2013-06-25 15:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D085320D-44F3-4FA8-9163-70D6648B81A6} 2013-09-18 22:28 - 2013-06-25 11:16 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-17 23:58 - 2013-06-26 13:00 - 00000000 ____D C:\Users\sony\Documents\Registry Backups 2013-09-17 23:28 - 2013-06-26 12:55 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-17 23:28 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-17 22:44 - 2013-07-01 13:50 - 00000000 ____D C:\Users\sony\Desktop\Anderes 2013-09-17 21:56 - 2013-09-17 21:55 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:57 - 2013-09-17 00:20 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:16 - 2013-09-16 00:18 - 00019480 _____ C:\Windows\PFRO.log 2013-09-16 23:12 - 2013-09-16 22:48 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 21:50 - 2013-06-25 14:08 - 00123392 _____ C:\Users\sony\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-16 21:45 - 2009-07-14 06:45 - 00464408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-16 21:29 - 2013-06-26 12:41 - 00000000 ____D C:\Users\sony\AppData\Roaming\TeamViewer 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:37 - 2013-09-16 18:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 01:27 - 2013-09-16 00:53 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-16 00:00 - 2013-09-15 23:56 - 00000000 ____D C:\AdwCleaner 2013-09-15 23:37 - 2013-09-15 22:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 23:23 - 2013-09-15 23:15 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 23:22 - 2013-09-15 22:35 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:32 - 2013-09-15 22:28 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 14:52 - 2013-09-16 00:35 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-15 10:50 - 2013-09-15 10:46 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-14 12:25 - 2013-06-26 14:07 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-14 09:20 - 2013-07-11 20:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-14 01:18 - 2013-08-13 11:09 - 00000000 ____D C:\Users\sony\Desktop\Der Herr 2013-09-13 23:28 - 2013-06-26 17:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 23:28 - 2013-06-26 17:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 23:28 - 2013-06-26 17:18 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-12 17:46 - 2013-06-27 13:10 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-06 10:48 - 2013-06-25 20:15 - 00000000 ____D C:\Users\sony\AppData\Local\CrashDumps 2013-08-22 03:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports Some content of TEMP: ==================== C:\Users\sony\AppData\Local\Temp\uninst1.exe C:\Users\sony\AppData\Local\Temp\VersionUpdater.exe C:\Users\sony\AppData\Local\Temp\WtgZip.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 19:09 ==================== End Of Log ============================ --- --- --- Addition.txtFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01 Ran by sony at 2013-09-19 22:41:20 Running from C:\Users\sony\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe AIR (x32 Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7) ALDI TALK Verbindungsassistent (x32 Version: ) Alps Pointing-device for VAIO ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142) ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.392) Atheros WiFi Driver Installation (x32 Version: 3.0) avast! Free Antivirus (x32 Version: 8.0.1489.0) Bluetooth Win7 Suite (64) (Version: 7.3.0.100) Canon IJ Scan Utility (x32) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: 4.0.0) Canon MG2200 series Benutzerregistrierung (x32) Canon MG2200 series MP Drivers (Version: 1.00) Canon MG2200 series On-screen Manual (x32 Version: 7.5.0) Canon My Image Garden (x32 Version: 1.0.0) Canon My Image Garden Design Files (x32 Version: 1.0.0) Canon My Printer (x32 Version: 3.0.0) Canon Quick Menu (x32 Version: 2.0.0) CCleaner (Version: 4.03) Conexant HD Audio (Version: 8.54.0.53) D3DX10 (x32 Version: 15.4.2368.0902) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Galerie foto Windows Live (x32 Version: 15.4.3502.0922) HitmanPro 3.7 (Version: 3.7.7.205) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144) Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046) Java Auto Updater (x32 Version: 2.0.2.4) Java(TM) 6 Update 22 (64-bit) (Version: 6.0.220) Java(TM) 6 Update 22 (x32 Version: 6.0.220) Junk Mail filter update (x32 Version: 15.4.3502.0922) League of Legends (x32 Version: 1.3) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Gallery (Version: 1.5.0.16020) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Professional 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Silverlight (x32 Version: 4.0.50401.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) NVIDIA 3D Vision Treiber 269.73 (Version: 269.73) NVIDIA Grafiktreiber 269.73 (Version: 269.73) NVIDIA Guard Service 1.3 (Version: 1.3) NVIDIA HD-Audiotreiber 1.2.24.0 (Version: 1.2.24.0) NVIDIA Install Application (Version: 2.1002.109.718) NVIDIA PhysX (x32 Version: 9.12.0507) NVIDIA PhysX-Systemsoftware 9.12.0507 (Version: 9.12.0507) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6973) NVIDIA Systemsteuerung 269.73 (Version: 269.73) OpenOffice 4.0.0 (x32 Version: 4.00.9702) Pando Media Booster (x32 Version: 2.6.0.9) PMB (x32 Version: 5.5.02.12220) PMB VAIO Edition Plug-in (Version: 1.5.10.05300) PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek PCIE Card Reader (x32 Version: 6.1.7601.92) Remote Keyboard (x32 Version: 1.1.1.03020) Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070) Skype™ 6.5 (x32 Version: 6.5.158) Sony Corporation (Version: 1.0.0) SSLx64 (Version: 1.0.0) SSLx86 (x32 Version: 1.0.0) TeamViewer 8 (x32 Version: 8.0.20935) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) VAIO - Media Gallery (x32 Version: 1.5.0.16020) VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030) VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140) VAIO - Remote Play mit PlayStation®3 (x32 Version: 1.1.0.15070) VAIO - Remote-Tastatur (x32 Version: 1.0.1.03020) VAIO Care (x32 Version: 6.4.2.11150) VAIO Control Center (x32 Version: 4.5.0.03040) VAIO Data Restore Tool (x32 Version: 1.6.0.13140) VAIO Easy Connect (x32 Version: 1.1.2.01120) VAIO Event Service (x32 Version: 5.5.0.03040) VAIO Gate (x32 Version: 2.4.2.02200) VAIO Gate Default (x32 Version: 2.4.0.03240) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280) VAIO Hero Screensaver - Summer 2011 Screensaver (x32) VAIO Improvement (x32 Version: 1.0.0.14150) VAIO Improvement Validation (Version: 1.0.4.01190) VAIO Quick Web Access (x32 Version: 1.4.5.3) VAIO Sample Contents (x32 Version: 1.4.2.09010) VAIO Smart Network (x32 Version: 3.5.0.02280) VAIO Update (x32 Version: 6.3.0.08010) VAIO-Handbuch (x32 Version: 2.0.0.02250) VAIO-Support für Übertragungen (x32 Version: 1.4.0.14230) VCCx86 (x32 Version: 1.0.0) VESx64 (Version: 1.0.0) VESx86 (x32 Version: 1.0.0) VGClientX64 (Version: 1.0.0) VGClientX86 (x32 Version: 1.0.0) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) VIx64 (Version: 1.0.0) VIx86 (x32 Version: 1.0.0) VSNx64 (Version: 1.0.0) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.1.0) VWSTx86 (x32 Version: 1.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922) Windows Liven sähköposti (x32 Version: 15.4.3502.0922) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922) xp-AntiSpy 3.98-2 (x32) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922) Основи Windows Live (x32 Version: 15.4.3502.0922) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922) Почта Windows Live (x32 Version: 15.4.3502.0922) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922) Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922) Фотоколекція Windows Live (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= 13-08-2013 14:51:30 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 13-08-2013 14:53:12 OpenOffice 4.0.0 wird installiert 20-08-2013 23:03:23 Geplanter Prüfpunkt 28-08-2013 11:14:21 Geplanter Prüfpunkt 05-09-2013 01:50:49 Geplanter Prüfpunkt 15-09-2013 03:27:58 Geplanter Prüfpunkt 18-09-2013 20:27:24 Installiert VAIO Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {1DC232A5-BE11-4020-BE0E-46114DCE53C3} - System32\Tasks\User_Feed_Synchronization-{D085320D-44F3-4FA8-9163-70D6648B81A6} => C:\Windows\system32\msfeedssync.exe [2013-06-26] (Microsoft Corporation) Task: {3F7DB367-1FBB-448A-B589-CB9E92A47482} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {4312DDE7-20F7-43E0-81DA-784059754E85} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {48709699-B9D6-4929-B01C-A70A664D95FE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {519390E3-AB87-4820-A65D-83466B493A94} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {5EF89686-CC93-4AB8-9A29-F14F2B08B117} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-06-26] (Microsoft Corporation) Task: {7D8A2E75-7E43-41A4-87A5-C5472AEDCB30} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {7FC669C2-0418-4606-9A36-BD6DEDC21B9C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation) Task: {A212B229-CF04-45EE-9F5E-28663E259007} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {A8AE33D6-0941-4016-8455-B5554D78E76E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient Task: {AA3A8CE3-169A-4164-BAA0-DEC0967DF1D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {AD616057-7060-4C5A-B3B8-A5EA19CFB29A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {B3E3BFF2-A3A1-4AC3-8226-9A7A3A1D3E90} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation) Task: {CA318E5C-4F51-49B2-BA5C-79294BA87393} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated) Task: {CBD4C88D-2180-4FA7-B22B-56F8673DCB3B} - \EPUpdater No Task File Task: {E606F54E-D570-4FFA-8616-9462F34A8400} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {EE50A1F3-2C62-4AE6-84BF-876C7D4D24BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {F158BA1F-FFB6-4FC0-BC3F-864767FF1B34} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {F53906AB-2408-4F63-A632-768978A86628} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {F7D99C64-3C3C-46AE-B6E6-FF3DF493A1D9} - System32\Tasks\{2F078E4A-2444-47DD-8237-E5EC738A527E} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-16 04:59 - 2013-09-12 10:22 - 00114528 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2013-09-16 04:59 - 2013-09-12 10:22 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll 2013-09-16 04:59 - 2013-09-12 10:31 - 00362336 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll 2013-09-16 04:59 - 2013-09-12 10:31 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll 2013-06-27 07:56 - 2013-06-27 07:56 - 00475136 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll 2013-06-27 07:56 - 2013-06-27 07:56 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll 2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm 2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm 2013-09-19 20:26 - 2013-09-19 20:26 - 00102400 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDatabase.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00106496 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgUtil.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00090112 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgPorts.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00200704 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDetection.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00086016 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDialup.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00012288 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGDebugs.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00073728 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDriverInstall.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00569344 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgCore.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00139264 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgBluetooth.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00204800 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LiveBoxCM.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00823296 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LIBEAY32.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00925696 _____ (WebToGo) C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFiCore.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00126976 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFi.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00569344 _____ (WebToGo Mobiles Internet GmbH) C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGAlertsEx.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00614400 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGXMLUtil.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00303104 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGSMSPCClient.Dll 2013-06-26 12:55 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2012-05-12 04:09 - 2012-05-12 04:09 - 00236864 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll 2013-09-11 20:17 - 2013-09-11 20:17 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll 2013-09-16 22:00 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx 2013-09-16 22:00 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2013 05:03:37 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 00:18:27 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/16/2013 09:55:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 09:46:25 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/17/2013 00:50:40 AM) (Source: iaStor) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (09/17/2013 00:17:33 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/17/2013 00:17:33 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%32 Error: (09/16/2013 06:07:07 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= Error: (09/19/2013 05:03:37 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 00:18:27 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service)(User: ) Description: Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Error: (09/17/2013 00:17:33 AM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020) Search.TripoliIndexer Error: (09/16/2013 09:55:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 09:46:25 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 4077.86 MB Available physical RAM: 2039.95 MB Total Pagefile: 8153.9 MB Available Pagefile: 5718.17 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:582.18 GB) (Free:525.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: A278D222) Partition 1: (Not Active) - (Size=14 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Danke das du mir hilfst Lg June Hätte auch noch eine andere Frage die er mir nicht beantworten konnte... Nach dem Plätten weil mein Computer sich nicht mehr mit dem Internet Jeglicher Art Verbinden wollte hatte mir mein ExFreund den Computer wieder eingerichtet... Kann aber mein Word Programm nichtmehr nutzen...( hab da ne 2 Tägige Sitzung mit Microsoft und SaturnMitarbeitern hinter mir wegen des Keys weil der nichtmehr auffindbar ist)... Und er hatte mir etwas Runtergeladen was sich xP-AntiSpy nennt und mir da die Firewall deaktiviert... mit dem Komentar... Man braucht es für den Privatgebrauch nicht und Verlangsamt nur den PC Stimmt das? Lg June |
20.09.2013, 11:18 | #4 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.09.2013, 14:26 | #5 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Möchtesd du den von Userem Scan auch? da habe ich noch den JRT.txt gespeichert bzw auch die erste von mbam? Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2013.09.20.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 sony :: SONY-VAIO [limitiert] Schutz: Aktiviert 20.09.2013 14:04:37 mbam-log-2013-09-20 (14-04-37).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 345539 Laufzeit: 43 Minute(n), Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # Benutzername : sony - SONY-VAIO # Gestartet von : C:\Users\sony\Downloads\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16618 -\\ Mozilla Firefox v24.0 (de) [ Datei : C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default\prefs.js ] ************************* AdwCleaner[R0].txt - [4566 octets] - [15/09/2013 23:56:24] AdwCleaner[R1].txt - [918 octets] - [20/09/2013 14:54:34] AdwCleaner[S0].txt - [4275 octets] - [16/09/2013 00:00:12] AdwCleaner[S1].txt - [840 octets] - [20/09/2013 14:57:13] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [899 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.1 (09.15.2013:1) OS: Windows 7 Home Premium x64 Ran by sony on 20.09.2013 at 15:01:58,25 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\sony\AppData\Roaming\mozilla\firefox\profiles\7xhrq0xh.default\minidumps [3 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 20.09.2013 at 15:10:22,43 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01 Ran by sony (administrator) on SONY-VAIO on 20-09-2013 15:13:09 Running from C:\Users\sony\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvservice.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) HKLM-x32\...\RunOnce: [20130912] - C:\Program Files\AVAST Software\Avast\setup\emupdate\c06c1f8d-acfd-4647-b966-a74b34e7d877.exe /check [74088 2013-09-20] (AVAST Software) MountPoints2: {a6ef43b4-dd8f-11e2-b446-ccaf78d710dc} - E:\.\Autorun.exe AUTORUN=1 HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com/ hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {ED750B88-5D18-47EC-B2F7-C5CF1ABBE10A} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {F321BC81-03DF-4EFA-A970-08DEB7E612EB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{4931B0CF-803D-47C9-9B84-EC60C7D14136}: [NameServer]212.23.115.148 212.23.115.132 FireFox: ======== FF ProfilePath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default FF NewTab: hxxp://www.google.com/firefox FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-09-19] () R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-09-17] (SurfRight B.V.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] () R3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2013-06-25] (Huawei Tech. Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-20 15:10 - 2013-09-20 15:10 - 00000754 _____ C:\Users\sony\Desktop\JRT.txt 2013-09-19 22:41 - 2013-09-19 22:41 - 00025491 _____ C:\Users\sony\Downloads\Addition.txt 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 22:35 - 2013-09-19 22:40 - 01950622 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-19 20:26 - 2013-09-20 02:00 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-17 21:55 - 2013-09-17 21:56 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:20 - 2013-09-17 00:57 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-16 22:48 - 2013-09-16 23:12 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 22:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:07 - 2013-09-16 18:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 00:53 - 2013-09-16 01:27 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-16 00:35 - 2013-09-15 14:52 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-16 00:18 - 2013-09-17 00:16 - 00019480 _____ C:\Windows\PFRO.log 2013-09-15 23:56 - 2013-09-20 14:57 - 00000000 ____D C:\AdwCleaner 2013-09-15 23:15 - 2013-09-15 23:23 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 22:37 - 2013-09-15 23:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 22:35 - 2013-09-15 23:22 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:28 - 2013-09-15 22:32 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 10:46 - 2013-09-15 10:50 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-12 16:49 - 2013-09-20 14:58 - 00000448 _____ C:\Windows\setupact.log 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-12 16:39 - 2013-09-20 15:04 - 00404184 _____ C:\Windows\WindowsUpdate.log ==================== One Month Modified Files and Folders ======= 2013-09-20 15:10 - 2013-09-20 15:10 - 00000754 _____ C:\Users\sony\Desktop\JRT.txt 2013-09-20 15:06 - 2013-06-25 12:09 - 00696870 _____ C:\Windows\system32\perfh007.dat 2013-09-20 15:06 - 2013-06-25 12:09 - 00148134 _____ C:\Windows\system32\perfc007.dat 2013-09-20 15:06 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-20 15:06 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-20 15:06 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-20 15:04 - 2013-09-12 16:39 - 00404184 _____ C:\Windows\WindowsUpdate.log 2013-09-20 15:00 - 2013-06-25 14:58 - 00000000 ____D C:\Users\sony\AppData\Local\VirtualStore 2013-09-20 14:58 - 2013-09-12 16:49 - 00000448 _____ C:\Windows\setupact.log 2013-09-20 14:58 - 2013-06-25 11:26 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-20 14:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-20 14:57 - 2013-09-15 23:56 - 00000000 ____D C:\AdwCleaner 2013-09-20 14:54 - 2013-06-25 19:04 - 00000000 ____D C:\Users\sony\AppData\Roaming\Skype 2013-09-20 14:16 - 2013-06-26 17:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-20 08:25 - 2013-06-26 17:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 08:25 - 2013-06-26 17:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 08:25 - 2013-06-26 17:18 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 04:41 - 2013-06-25 15:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D085320D-44F3-4FA8-9163-70D6648B81A6} 2013-09-20 02:00 - 2013-09-19 20:26 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 22:41 - 2013-09-19 22:41 - 00025491 _____ C:\Users\sony\Downloads\Addition.txt 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 22:40 - 2013-09-19 22:35 - 01950622 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-19 17:02 - 2013-06-26 08:12 - 00000000 ____D C:\Update 2013-09-19 17:01 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-18 22:28 - 2013-06-25 11:16 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-17 23:58 - 2013-06-26 13:00 - 00000000 ____D C:\Users\sony\Documents\Registry Backups 2013-09-17 23:28 - 2013-06-26 12:55 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-17 23:28 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-17 22:44 - 2013-07-01 13:50 - 00000000 ____D C:\Users\sony\Desktop\Anderes 2013-09-17 21:56 - 2013-09-17 21:55 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:57 - 2013-09-17 00:20 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:16 - 2013-09-16 00:18 - 00019480 _____ C:\Windows\PFRO.log 2013-09-16 23:12 - 2013-09-16 22:48 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 21:50 - 2013-06-25 14:08 - 00123392 _____ C:\Users\sony\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-16 21:45 - 2009-07-14 06:45 - 00464408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-16 21:29 - 2013-06-26 12:41 - 00000000 ____D C:\Users\sony\AppData\Roaming\TeamViewer 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:37 - 2013-09-16 18:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 01:27 - 2013-09-16 00:53 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-15 23:37 - 2013-09-15 22:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 23:23 - 2013-09-15 23:15 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 23:22 - 2013-09-15 22:35 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:32 - 2013-09-15 22:28 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 14:52 - 2013-09-16 00:35 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-15 10:50 - 2013-09-15 10:46 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-14 12:25 - 2013-06-26 14:07 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-14 09:20 - 2013-07-11 20:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-14 01:18 - 2013-08-13 11:09 - 00000000 ____D C:\Users\sony\Desktop\Der Herr 2013-09-12 17:46 - 2013-06-27 13:10 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-06 10:48 - 2013-06-25 20:15 - 00000000 ____D C:\Users\sony\AppData\Local\CrashDumps 2013-08-22 03:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports Some content of TEMP: ==================== C:\Users\sony\AppData\Local\Temp\uninst1.exe C:\Users\sony\AppData\Local\Temp\VersionUpdater.exe C:\Users\sony\AppData\Local\Temp\WtgZip.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 19:09 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Nachdem ich dir gerade alles geschickt hatte machte sich mein Computer selbstständig... Er hat Firefox beendet, und mir nur noch mein Hintergrundbild dagelassen für ca 1 Minute... Das war beim letzten mal nicht so????!!!!??? Mitlerweile tat er das schon zum zweiten mal das er mir alles schließt... Das Beunruhigt mich mehr als nur ein wenig |
20.09.2013, 20:48 | #6 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Komisch. Reboote mal den REchner manuell. ESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A |
20.09.2013, 22:26 | #7 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Habe den Rechner Neu Gestartet... er ist zwa sehr Langsam noch aber das Problem hatte ich jetzt nur 1x nochmal danach... Bzw 2x auf der selben seite weshalb ich die jetzt erstmal meiden werde zu Lesen falls es von der kommt... Ist es Normal das ich nach sehr kurzer Zeit von meinem Online Status auf Offline wechsel ohne das ich hier Ihrgendetwas drücke ectra.? Jedesmal jetzt beim Lesen was ich als nächstes zu tun habe wird mir Gesagt ich bin offline gegangen... Bei mir steht bei ESET ... Unexpected error 2002 Avast lässt sich aber auch nicht ausschalten hab ich gerade festgestellt |
21.09.2013, 11:53 | #8 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Hast du den Login speichern lassen sprich Haken gesetzt bei "Angemeldet bleiben"? Mach mal nen Vollscan mit Avast und den Rest obiger Anleitung.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.09.2013, 12:10 | #9 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Danke,... Hab von Eset Alles nach Anleitung gemacht... es kommt immer wieder Fehler 2002 zum Vorschein,... Teste es gerade mit der Deutschen Version die mir mein Kumpel geschickt hat,... ob dieser Fehler immer noch auftritt Mittlerweile sind es 3,5 Std seit er Initzialliesiert und ist bei 68% Wollte auch schon mal SecurityCheck Downloaden... brauchte immer noch 2 Versuche weil es sich nicht Vollständig Downloaden lies... Und kann es nicht öffnen... Mein System lässt es nicht zu... Lg June |
21.09.2013, 16:44 | #10 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Kommt ne Fehlermeldung? Vollscan mit deinem AV Programm gemacht? Frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.09.2013, 21:48 | #11 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Nein kam jetzt keine hat aber knapp 5 std gedauert...nur zum Inizialliesieren ESET.txt Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=87635f35009b0746816aef4fde3b2d3e # engine=13131 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-09-21 12:33:34 # local_time=2013-09-21 02:33:34 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 85 91 149339 156476686 0 0 # compatibility_mode=5893 16776573 100 94 54003 131396664 0 0 # scanned=158746 # found=0 # cleaned=0 # scan_time=4224 FRST.txt ist in Arbeit Beim Deinstallieren von ESET viel uns eine Datei auf die wir beide nicht kennen Realtek PCIE Card Reader....Realtek Semiconductor Corp. Ein Blauer ´´Krebs´´ ist darauf abgebildet... kennst du diese Datei? FRST.txt FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013 Ran by sony (administrator) on SONY-VAIO on 21-09-2013 22:39:22 Running from C:\Users\sony\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvservice.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) HKLM-x32\...\RunOnce: [20130912] - C:\Program Files\AVAST Software\Avast\setup\emupdate\c06c1f8d-acfd-4647-b966-a74b34e7d877.exe /check [74088 2013-09-20] (AVAST Software) MountPoints2: {a6ef43b4-dd8f-11e2-b446-ccaf78d710dc} - E:\.\Autorun.exe AUTORUN=1 HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com/ hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {ED750B88-5D18-47EC-B2F7-C5CF1ABBE10A} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {F321BC81-03DF-4EFA-A970-08DEB7E612EB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{4931B0CF-803D-47C9-9B84-EC60C7D14136}: [NameServer]212.23.115.148 212.23.115.132 FireFox: ======== FF ProfilePath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default FF NewTab: hxxp://www.google.com/firefox FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\7xhrq0xh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-09-19] () R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-09-17] (SurfRight B.V.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-11] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-11] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-11] () R3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2013-06-25] (Huawei Tech. Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-21 22:34 - 2013-09-21 22:39 - 01956670 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-21 01:23 - 2013-09-21 01:36 - 02347384 _____ (ESET) C:\Users\sony\Downloads\esetsmartinstaller_deu.exe 2013-09-21 00:00 - 2013-09-21 00:03 - 00565535 _____ C:\Users\sony\Downloads\SecurityCheck(2).exe 2013-09-20 23:59 - 2013-09-20 23:59 - 00016261 _____ C:\Users\sony\Downloads\SecurityCheck(1).exe 2013-09-20 23:32 - 2013-09-20 23:33 - 00046655 _____ C:\Users\sony\Downloads\SecurityCheck.exe 2013-09-20 22:16 - 2013-09-20 22:16 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-20 22:05 - 2013-09-20 22:11 - 02347384 _____ (ESET) C:\Users\sony\Downloads\esetsmartinstaller_enu.exe 2013-09-19 22:41 - 2013-09-19 22:41 - 00025491 _____ C:\Users\sony\Downloads\Addition.txt 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 20:26 - 2013-09-20 02:00 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-17 21:55 - 2013-09-17 21:56 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:20 - 2013-09-17 00:57 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-16 22:48 - 2013-09-16 23:12 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 22:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:07 - 2013-09-16 18:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 00:53 - 2013-09-16 01:27 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-16 00:35 - 2013-09-15 14:52 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-16 00:18 - 2013-09-17 00:16 - 00019480 _____ C:\Windows\PFRO.log 2013-09-15 23:56 - 2013-09-20 14:57 - 00000000 ____D C:\AdwCleaner 2013-09-15 23:15 - 2013-09-15 23:23 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 22:37 - 2013-09-15 23:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 22:35 - 2013-09-15 23:22 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:28 - 2013-09-15 22:32 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 10:46 - 2013-09-15 10:50 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-12 16:49 - 2013-09-20 14:58 - 00000448 _____ C:\Windows\setupact.log 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-12 16:39 - 2013-09-21 19:18 - 00484262 _____ C:\Windows\WindowsUpdate.log ==================== One Month Modified Files and Folders ======= 2013-09-21 22:39 - 2013-09-21 22:34 - 01956670 _____ (Farbar) C:\Users\sony\Downloads\FRST64.exe 2013-09-21 22:16 - 2013-06-26 17:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-21 19:18 - 2013-09-12 16:39 - 00484262 _____ C:\Windows\WindowsUpdate.log 2013-09-21 09:43 - 2013-06-25 19:04 - 00000000 ____D C:\Users\sony\AppData\Roaming\Skype 2013-09-21 06:15 - 2013-06-25 15:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D085320D-44F3-4FA8-9163-70D6648B81A6} 2013-09-21 01:36 - 2013-09-21 01:23 - 02347384 _____ (ESET) C:\Users\sony\Downloads\esetsmartinstaller_deu.exe 2013-09-21 00:03 - 2013-09-21 00:00 - 00565535 _____ C:\Users\sony\Downloads\SecurityCheck(2).exe 2013-09-20 23:59 - 2013-09-20 23:59 - 00016261 _____ C:\Users\sony\Downloads\SecurityCheck(1).exe 2013-09-20 23:33 - 2013-09-20 23:32 - 00046655 _____ C:\Users\sony\Downloads\SecurityCheck.exe 2013-09-20 22:16 - 2013-09-20 22:16 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-20 22:11 - 2013-09-20 22:05 - 02347384 _____ (ESET) C:\Users\sony\Downloads\esetsmartinstaller_enu.exe 2013-09-20 22:06 - 2013-06-25 12:09 - 00696870 _____ C:\Windows\system32\perfh007.dat 2013-09-20 22:06 - 2013-06-25 12:09 - 00148134 _____ C:\Windows\system32\perfc007.dat 2013-09-20 22:06 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-20 15:06 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-20 15:06 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-20 15:00 - 2013-06-25 14:58 - 00000000 ____D C:\Users\sony\AppData\Local\VirtualStore 2013-09-20 14:58 - 2013-09-12 16:49 - 00000448 _____ C:\Windows\setupact.log 2013-09-20 14:58 - 2013-06-25 11:26 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-20 14:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-20 14:57 - 2013-09-15 23:56 - 00000000 ____D C:\AdwCleaner 2013-09-20 08:25 - 2013-06-26 17:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 08:25 - 2013-06-26 17:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 08:25 - 2013-06-26 17:18 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 02:00 - 2013-09-19 20:26 - 00000000 ____D C:\Users\sony\AppData\Roaming\ALDITALKVerbindungsassistent 2013-09-19 22:41 - 2013-09-19 22:41 - 00025491 _____ C:\Users\sony\Downloads\Addition.txt 2013-09-19 22:40 - 2013-09-19 22:40 - 00000000 ____D C:\FRST 2013-09-19 20:26 - 2013-09-19 20:26 - 00002233 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk 2013-09-19 20:26 - 2013-09-19 20:26 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent 2013-09-19 17:02 - 2013-06-26 08:12 - 00000000 ____D C:\Update 2013-09-19 17:01 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-18 22:28 - 2013-06-25 11:16 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-17 23:58 - 2013-06-26 13:00 - 00000000 ____D C:\Users\sony\Documents\Registry Backups 2013-09-17 23:28 - 2013-06-26 12:55 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-17 23:28 - 2013-06-26 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-17 22:44 - 2013-07-01 13:50 - 00000000 ____D C:\Users\sony\Desktop\Anderes 2013-09-17 21:56 - 2013-09-17 21:55 - 00281896 _____ (Mozilla) C:\Users\sony\Downloads\Firefox Setup Stub 24.0.exe 2013-09-17 00:57 - 2013-09-17 00:20 - 00000000 ____D C:\ProgramData\HitmanPro 2013-09-17 00:50 - 2013-09-17 00:50 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-09-17 00:50 - 2013-09-17 00:50 - 00000000 ____D C:\Program Files\HitmanPro 2013-09-17 00:16 - 2013-09-16 00:18 - 00019480 _____ C:\Windows\PFRO.log 2013-09-16 23:12 - 2013-09-16 22:48 - 09879648 _____ (SurfRight B.V.) C:\Users\sony\Downloads\HitmanPro_x64(1).exe 2013-09-16 22:00 - 2013-09-16 22:00 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-16 22:00 - 2013-09-16 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-16 21:50 - 2013-06-25 14:08 - 00123392 _____ C:\Users\sony\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-16 21:45 - 2009-07-14 06:45 - 00464408 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-16 21:29 - 2013-06-26 12:41 - 00000000 ____D C:\Users\sony\AppData\Roaming\TeamViewer 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\Users\sony\AppData\Roaming\Malwarebytes 2013-09-16 21:28 - 2013-09-16 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-16 18:37 - 2013-09-16 18:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-09-16 04:59 - 2013-09-16 04:59 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-09-16 04:59 - 2013-09-16 04:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-09-16 01:27 - 2013-09-16 00:53 - 05826000 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de(1).exe 2013-09-16 00:46 - 2013-09-16 00:46 - 00000000 ____D C:\Windows\ERUNT 2013-09-15 23:37 - 2013-09-15 22:37 - 01808912 _____ C:\Users\sony\Downloads\HitmanPro_x64.exe 2013-09-15 23:23 - 2013-09-15 23:15 - 02306950 _____ (Malwarebytes Corporation ) C:\Users\sony\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-15 23:22 - 2013-09-15 22:35 - 01583938 _____ (TeamViewer GmbH) C:\Users\sony\Downloads\TeamViewer_Setup_de.exe 2013-09-15 22:32 - 2013-09-15 22:28 - 00769797 _____ C:\Users\sony\Downloads\adwcleaner.exe 2013-09-15 14:52 - 2013-09-16 00:35 - 01029675 _____ (Thisisu) C:\Users\sony\Desktop\JRT.exe 2013-09-15 10:50 - 2013-09-15 10:46 - 00003793 _____ C:\Users\sony\Documents\Neue Datenbank1.odb 2013-09-14 12:25 - 2013-06-26 14:07 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-14 09:20 - 2013-07-11 20:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-14 01:18 - 2013-08-13 11:09 - 00000000 ____D C:\Users\sony\Desktop\Der Herr 2013-09-12 17:46 - 2013-06-27 13:10 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 16:49 - 2013-09-12 16:49 - 00000000 _____ C:\Windows\setuperr.log 2013-09-06 10:48 - 2013-06-25 20:15 - 00000000 ____D C:\Users\sony\AppData\Local\CrashDumps 2013-08-22 03:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports Some content of TEMP: ==================== C:\Users\sony\AppData\Local\Temp\uninst1.exe C:\Users\sony\AppData\Local\Temp\VersionUpdater.exe C:\Users\sony\AppData\Local\Temp\WtgZip.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-21 14:54 ==================== End Of Log ============================ --- --- --- --- --- --- Addition.txt FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013 Ran by sony at 2013-09-21 22:39:48 Running from C:\Users\sony\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ====================== Adobe AIR (x32 Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7) ALDI TALK Verbindungsassistent (x32 Version: ) Alps Pointing-device for VAIO ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142) ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.392) Atheros WiFi Driver Installation (x32 Version: 3.0) avast! Free Antivirus (x32 Version: 8.0.1489.0) Bluetooth Win7 Suite (64) (Version: 7.3.0.100) Canon IJ Scan Utility (x32) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: 4.0.0) Canon MG2200 series Benutzerregistrierung (x32) Canon MG2200 series MP Drivers (Version: 1.00) Canon MG2200 series On-screen Manual (x32 Version: 7.5.0) Canon My Image Garden (x32 Version: 1.0.0) Canon My Image Garden Design Files (x32 Version: 1.0.0) Canon My Printer (x32 Version: 3.0.0) Canon Quick Menu (x32 Version: 2.0.0) CCleaner (Version: 4.03) Conexant HD Audio (Version: 8.54.0.53) D3DX10 (x32 Version: 15.4.2368.0902) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Galerie foto Windows Live (x32 Version: 15.4.3502.0922) HitmanPro 3.7 (Version: 3.7.7.205) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144) Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046) Java Auto Updater (x32 Version: 2.0.2.4) Java(TM) 6 Update 22 (64-bit) (Version: 6.0.220) Java(TM) 6 Update 22 (x32 Version: 6.0.220) Junk Mail filter update (x32 Version: 15.4.3502.0922) League of Legends (x32 Version: 1.3) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Gallery (Version: 1.5.0.16020) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Professional 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000) Microsoft Silverlight (x32 Version: 4.0.50401.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) NVIDIA 3D Vision Treiber 269.73 (Version: 269.73) NVIDIA Grafiktreiber 269.73 (Version: 269.73) NVIDIA Guard Service 1.3 (Version: 1.3) NVIDIA HD-Audiotreiber 1.2.24.0 (Version: 1.2.24.0) NVIDIA Install Application (Version: 2.1002.109.718) NVIDIA PhysX (x32 Version: 9.12.0507) NVIDIA PhysX-Systemsoftware 9.12.0507 (Version: 9.12.0507) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6973) NVIDIA Systemsteuerung 269.73 (Version: 269.73) OpenOffice 4.0.0 (x32 Version: 4.00.9702) Pando Media Booster (x32 Version: 2.6.0.9) PMB (x32 Version: 5.5.02.12220) PMB VAIO Edition Plug-in (Version: 1.5.10.05300) PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek PCIE Card Reader (x32 Version: 6.1.7601.92) Remote Keyboard (x32 Version: 1.1.1.03020) Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070) Skype™ 6.5 (x32 Version: 6.5.158) Sony Corporation (Version: 1.0.0) SSLx64 (Version: 1.0.0) SSLx86 (x32 Version: 1.0.0) TeamViewer 8 (x32 Version: 8.0.20935) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) VAIO - Media Gallery (x32 Version: 1.5.0.16020) VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030) VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140) VAIO - Remote Play mit PlayStation®3 (x32 Version: 1.1.0.15070) VAIO - Remote-Tastatur (x32 Version: 1.0.1.03020) VAIO Care (x32 Version: 6.4.2.11150) VAIO Control Center (x32 Version: 4.5.0.03040) VAIO Data Restore Tool (x32 Version: 1.6.0.13140) VAIO Easy Connect (x32 Version: 1.1.2.01120) VAIO Event Service (x32 Version: 5.5.0.03040) VAIO Gate (x32 Version: 2.4.2.02200) VAIO Gate Default (x32 Version: 2.4.0.03240) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280) VAIO Hero Screensaver - Summer 2011 Screensaver (x32) VAIO Improvement (x32 Version: 1.0.0.14150) VAIO Improvement Validation (Version: 1.0.4.01190) VAIO Quick Web Access (x32 Version: 1.4.5.3) VAIO Sample Contents (x32 Version: 1.4.2.09010) VAIO Smart Network (x32 Version: 3.5.0.02280) VAIO Update (x32 Version: 6.3.0.08010) VAIO-Handbuch (x32 Version: 2.0.0.02250) VAIO-Support für Übertragungen (x32 Version: 1.4.0.14230) VCCx86 (x32 Version: 1.0.0) VESx64 (Version: 1.0.0) VESx86 (x32 Version: 1.0.0) VGClientX64 (Version: 1.0.0) VGClientX86 (x32 Version: 1.0.0) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) VIx64 (Version: 1.0.0) VIx86 (x32 Version: 1.0.0) VSNx64 (Version: 1.0.0) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.1.0) VWSTx86 (x32 Version: 1.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922) Windows Liven sähköposti (x32 Version: 15.4.3502.0922) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922) xp-AntiSpy 3.98-2 (x32) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922) Основи Windows Live (x32 Version: 15.4.3502.0922) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922) Почта Windows Live (x32 Version: 15.4.3502.0922) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922) Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922) Фотоколекція Windows Live (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= 13-08-2013 14:51:30 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 13-08-2013 14:53:12 OpenOffice 4.0.0 wird installiert 20-08-2013 23:03:23 Geplanter Prüfpunkt 28-08-2013 11:14:21 Geplanter Prüfpunkt 05-09-2013 01:50:49 Geplanter Prüfpunkt 15-09-2013 03:27:58 Geplanter Prüfpunkt 18-09-2013 20:27:24 Installiert VAIO Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {1DC232A5-BE11-4020-BE0E-46114DCE53C3} - System32\Tasks\User_Feed_Synchronization-{D085320D-44F3-4FA8-9163-70D6648B81A6} => C:\Windows\system32\msfeedssync.exe [2013-06-26] (Microsoft Corporation) Task: {3F7DB367-1FBB-448A-B589-CB9E92A47482} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {4312DDE7-20F7-43E0-81DA-784059754E85} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {48709699-B9D6-4929-B01C-A70A664D95FE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {4A8FD58D-F9E0-4868-B8EA-85BDF778889C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {519390E3-AB87-4820-A65D-83466B493A94} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {5EF89686-CC93-4AB8-9A29-F14F2B08B117} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-06-26] (Microsoft Corporation) Task: {7D8A2E75-7E43-41A4-87A5-C5472AEDCB30} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {7FC669C2-0418-4606-9A36-BD6DEDC21B9C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation) Task: {A212B229-CF04-45EE-9F5E-28663E259007} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {A8AE33D6-0941-4016-8455-B5554D78E76E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient Task: {AA3A8CE3-169A-4164-BAA0-DEC0967DF1D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {AD616057-7060-4C5A-B3B8-A5EA19CFB29A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {CA318E5C-4F51-49B2-BA5C-79294BA87393} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated) Task: {CBD4C88D-2180-4FA7-B22B-56F8673DCB3B} - \EPUpdater No Task File Task: {E606F54E-D570-4FFA-8616-9462F34A8400} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {EE50A1F3-2C62-4AE6-84BF-876C7D4D24BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {F53906AB-2408-4F63-A632-768978A86628} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {F7D99C64-3C3C-46AE-B6E6-FF3DF493A1D9} - System32\Tasks\{2F078E4A-2444-47DD-8237-E5EC738A527E} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin Task: {FE48282C-6CF4-4893-A406-240BE30FB6D2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2013-09-16 04:59 - 2013-09-12 10:22 - 00114528 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll 2013-06-27 07:56 - 2013-06-27 07:56 - 00475136 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll 2013-06-27 07:56 - 2013-06-27 07:56 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll 2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm 2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm 2013-09-19 20:26 - 2013-09-19 20:26 - 00102400 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDatabase.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00106496 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgUtil.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00090112 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgPorts.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00200704 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDetection.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00086016 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDialup.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00012288 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGDebugs.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00073728 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDriverInstall.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00569344 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgCore.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00139264 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgBluetooth.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00204800 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LiveBoxCM.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00823296 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\LIBEAY32.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00925696 _____ (WebToGo) C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFiCore.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00126976 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFi.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00569344 _____ (WebToGo Mobiles Internet GmbH) C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGAlertsEx.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00614400 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGXMLUtil.dll 2013-09-19 20:26 - 2013-09-19 20:26 - 00303104 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGSMSPCClient.Dll 2013-06-26 12:55 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2012-05-12 04:09 - 2012-05-12 04:09 - 00236864 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ==================== Alternate Data Streams (whitelisted) ====== ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2013 02:58:23 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:58:22 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:58:19 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:58:18 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:58:16 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:58:16 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 02:56:52 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 10:18:59 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 10:18:49 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/21/2013 09:40:14 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Microsoft Office Sessions: ========================= Error: (09/21/2013 02:58:23 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_deu.exe Error: (09/21/2013 02:58:22 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_enu.exe Error: (09/21/2013 02:58:19 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_enu.exe Error: (09/21/2013 02:58:18 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_deu.exe Error: (09/21/2013 02:58:16 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_enu.exe Error: (09/21/2013 02:58:16 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\sony\downloads\esetsmartinstaller_deu.exe Error: (09/21/2013 02:56:52 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (09/21/2013 10:18:59 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sony\Downloads\esetsmartinstaller_deu.exe Error: (09/21/2013 10:18:49 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sony\Downloads\esetsmartinstaller_deu.exe Error: (09/21/2013 09:40:14 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe ==================== Memory info =========================== Percentage of memory in use: 56% Total physical RAM: 4077.86 MB Available physical RAM: 1772.11 MB Total Pagefile: 8153.9 MB Available Pagefile: 5653.29 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:582.18 GB) (Free:524.88 GB) NTFS Drive f: () (Removable) (Total:15.05 GB) (Free:7.13 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: A278D222) Partition 1: (Not Active) - (Size=14 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 15 GB) (Disk ID: 6E652072) No partition Table on disk 2. ==================== End Of Log ============================ SecurityCheck.txt Code:
ATTFilter Results of screen317's Security Check version 0.99.73 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! AVG Anti-Virus 2013 Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` xp-AntiSpy 3.98-2 Malwarebytes Anti-Malware Version 1.75.0.1300 Java(TM) 6 Update 22 Java version out of Date! Adobe Flash Player 11.8.800.168 Adobe Reader 10.1.7 Adobe Reader out of Date! Mozilla Firefox (24.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
22.09.2013, 12:32 | #12 | |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.AZitat:
Java und Adobe updaten. Rechner soweit sauber, nur noch schnell die Dienste checken. Downloade dir bitte Farbar Service Scanner
Poste bitte den Inhalt hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
22.09.2013, 12:39 | #13 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A oh Okay Danke ^.^ Code:
ATTFilter Farbar Service Scanner Version: 13-09-2013 Ran by sony (administrator) on 22-09-2013 at 13:39:07 Running from "C:\Users\sony\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. WAN connected Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== |
22.09.2013, 18:54 | #14 |
/// the machine /// TB-Ausbilder | Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
22.09.2013, 22:57 | #15 |
| Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A Hallo,... habe jetzt alles Erledigt was du mir Aufgetragen hast... Seitdem ist mein Firefox 3x Hängengeblieben und mein Computer 2x Abgestürzt... Hab auch mal andere sachen Ausprobiert... In Youtube hab ich immer noch das Problem,... Facebook schaf ich es nur noch mit dem Handy hinein und wenn doch dann ist sogar das 4x schneller als mein Computer trotz Reduzierter Leistung... Habe ich bei Firefox mehr als 1 Tab offen Stürzt es ab... Habe schon Avast und MBAM drüberlaufen lassen und sie finden nichts... ausser an die 35 Fehler die mir Avast schonmal angegeben hatte... hab auch meinen CCleaner schon über die Fehler laufen lassen diese kommen wieder... In der Quarantäne von mbam hab ich die 5 Viren noch kann ich die Löschen? Lg June Hatte auch wieder das Problem das alles wieder Untereinander steht statt wie Normal nebeneinander... Also das die Seite Geöffnet wird aber erst nach diesesmal sogar 5 Minuten erst die Richtige Seite richtig angezeigt wird... Die Einzige seite die momentan bei mir einigermaßen am Normalsten läuft ist hier Trojan-Board... Muss nur immer wieder 2x Laden weil mir nur die Halbe Seite Angezeigt wird trotzdessen das sie fertig geladen hat und was mich auch wundert im Normalthempo fast geladen wurde Mir wird auch Angezeigt das mein Windows-Sicherheitscenter deaktiviert ist Drücke ich aber auf den Button um es zu Aktivieren kommt ein Fenster mit dem Text ´´Der Windows-Sicherheitscenter kann nicht gestartet werden´´ Den PC hab ich auch schon Manuel Neugestartet und es ist wie Vorher als wir die Vieren Endeckt hatten... mbam und Avast finden keinerlei Bedrohungen... Höchstens Fehler und seiten die sie nicht auf Viren Prüfen können... |
Themen zu Trojan.P2P.Worm, PUP.Optitionional.Babylon.A, PUP.Optitional.InstallCore und PUP.Optitional.PerformerSoft.A |
avast, bitguard, computer, dateien, download, ebenfalls, firefox, frage, gelöscht, google, guard, guten, internetseite, knapp, laptop, löschen, nicht löschen, nicht mehr, nichts, problem, seite, seiten, sekunden, vieren, windows, youtube |