Snap.do vollständig löschen, auch aus Systemsteuerung...

pferdedings · 25.10.2013, 23:57

Liebe Experten hier im Forum,

ich habe mir mit der Installation der Software "Streamtransport" von streamtransport.com heute Abend leider auch dieses Snap.do und andere Programme eingefangen

. Die meisten der Programme ließen sich in der Systemsteuerung wieder deinstallieren. Von Snap.do gab es allerdings zwei: "Snap.do" und "Snap.do Enginge". "Engine" ließ sich ebenfalls entfernen, aber das Snap.do ist nach wie vor in der Anzeige der Systemsteuerung. Aus den Browsern (verwende hauptsächlich Firefox) habe ich die Toolbar und all das Zeug (soweit ich das beurteilen kann) wieder entfernt, erstmal mithilfe von Spybot und adwcleaner.

Das Problem: Nach wie vor wird in der Systemsteuerung das Programm "Snap.do" noch angezeigt und hat sogar eine Größe von 23,5MB. Zunächst hieß es immer kurz, es werde gesucht, als ich auf "Deinstallieren" klickte, dann passierte aber gar nichts. Jetzt habe ich auch noch das "Malwarebytes" drüberlaufen lassen, wie es hier im Forum empfohlen wird. Jetzt heißt es, beim Versuch, das Programm in der Systemsteuerung zu deinstallieren, etwas sei nicht verfügbar, ein Fenster "Windows Installer" öffnet sich - der Pfad bzw. die "Installationsquelle" wird nicht gefunden. Ja - weil ich sie mit den Anti-Spyware-Programmen gelöscht habe...?!

Aber wie bekomme ich dieses Programm noch aus meinen Programmen raus

? Oder ist es damit zerstört und unschädlich? Mir ist nicht wohl, wenn das mit 24MB in den installierten Programmen angezeigt wird...

Für eine Einschätzung und gegebenfalls Hilfe wäre ich dankbar

.

Hier die Daten aus dem Malwarebytes - die Objekte, die damit noch gefunden wurden, habe ich entfernt (vorher schon Einiges mit Spybot und adwcleaner):

Zitat:

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.25.09

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
[Vorname Nachname] :: VAIO [Administrator]

Schutz: Aktiviert

26.10.2013 00:13:47
mbam-log-2013-10-26 (00-13-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 207294
Laufzeit: 5 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=881912ed-6e32-08b5-fd37-d88fd1cfe867&searchtype=ds&q={searchTerms}&installDate=25/10/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=881912ed-6e32-08b5-fd37-d88fd1cfe867&searchtype=ds&q={searchTerms}&installDate=25/10/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=881912ed-6e32-08b5-fd37-d88fd1cfe867&searchtype=ds&q={searchTerms}&installDate=25/10/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=881912ed-6e32-08b5-fd37-d88fd1cfe867&searchtype=ds&q={searchTerms}&installDate=25/10/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\[Vorname Nachname]\Downloads\cdbxp_setup_4.5.2.4214_minimal.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\261259.msi (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

schrauber · 26.10.2013, 11:24

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

pferdedings · 26.10.2013, 12:40

Hi,

hier die Texte (ich hoffe da sind nicht irgendwelche privaten Daten oder so drin

):

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by [Vorname Nachname] (administrator) on VAIO on 26-10-2013 13:04:22
Running from C:\Users\[Vorname Nachname]\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
() C:\Program Files (x86)\Office-Bibliothek\PCLib.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Windows\SysWOW64\txtuser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Nori\Nori.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))
HKCU\...\Run: [Colourificator] - C:\Program Files\Colourificator\Colourificator.exe mini
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\[Vorname Nachname]\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ec2b1693f28847d39ca5d977c838908f-6c7e4ce8503bdfe11eaee6babc09dc7f8809a310 --CMPID 0913b
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
MountPoints2: {1844f2f5-d737-11e2-bfb1-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e664-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e6c5-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e6ee-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e711-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {22d6a11c-bd36-11e2-bf28-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {2f8ba441-c7bf-11e2-bf66-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0c7-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0e6-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a150-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {89777381-bd6e-11e2-bf2c-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {a32a4445-c38a-11e2-bf46-001e101fe855} - "E:\AutoRun.exe" 
MountPoints2: {ad1dcf32-bd34-11e2-bf27-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf731fe7-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf73200f-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e5914-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e594a-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {ef22ea4a-c7ac-11e2-bf65-001e101f6ae6} - "E:\AutoRun.exe" 
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-07-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
Startup: C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\..\Interfaces\{24A20C12-DEB8-46B7-A5D1-154B50666078}: [NameServer]193.189.244.206 193.189.244.225

FireFox:
========
FF ProfilePath: C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: SQLiteManager - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: Adblock Plus - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{805B6B27-BC87-4B30-9429-2F90B911A0E5}\iscflashx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 13:04 - 2013-10-26 13:04 - 00000000 ____D C:\FRST
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-26 00:11 - 2013-10-26 00:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 00:11 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-26 00:10 - 2013-10-26 00:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 22:26 - 2013-10-25 22:32 - 00000000 ____D C:\AdwCleaner
2013-10-25 22:25 - 2013-10-25 22:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Downloads\adwcleaner-3.010.exe
2013-10-25 20:27 - 2013-10-25 20:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 20:19 - 2013-10-25 20:20 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-22 22:11 - 2013-10-22 22:12 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 16:50 - 2013-10-21 16:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 16:46 - 2012-10-03 20:04 - 05540008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-10-21 16:46 - 2012-10-03 20:02 - 10316800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-10-21 16:46 - 2012-10-03 19:59 - 24854528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-10-21 16:46 - 2012-10-03 19:31 - 20445696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-10-21 16:46 - 2012-10-03 18:58 - 00070144 _____ (AMD) C:\Windows\system32\coinst_8.982.10.8.dll
2013-10-21 16:46 - 2012-10-03 18:56 - 00270536 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-10-21 16:46 - 2012-10-03 18:56 - 00270536 _____ C:\Windows\system32\atiapfxx.blb
2013-10-21 16:46 - 2012-10-03 18:55 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-10-21 16:46 - 2012-10-03 18:54 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-10-21 16:46 - 2012-10-03 18:54 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 16034304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-10-21 16:46 - 2012-10-03 18:49 - 13605888 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-10-21 16:46 - 2012-10-03 18:46 - 00927744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-10-21 16:46 - 2012-10-03 18:42 - 06430208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-10-21 16:46 - 2012-10-03 18:32 - 00534528 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-10-21 16:46 - 2012-10-03 18:32 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-10-21 16:46 - 2012-10-03 18:31 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-10-21 16:46 - 2012-10-03 18:30 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-10-21 16:46 - 2012-10-03 18:28 - 04753408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00540672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-10-21 16:46 - 2012-10-03 18:07 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-10-21 16:46 - 2012-10-03 18:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-10-21 16:46 - 2012-10-03 18:06 - 00083456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-10-21 16:46 - 2012-10-03 18:05 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-10-21 16:46 - 2012-08-02 17:34 - 00038316 _____ C:\Windows\atiogl.xml
2013-10-21 16:42 - 2013-10-21 16:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 16:20 - 2013-10-21 16:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 16:19 - 2013-10-21 16:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 16:16 - 2013-10-21 16:20 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 11:33 - 2013-10-21 11:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 11:33 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 11:33 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 11:33 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 11:33 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 11:32 - 2013-10-21 11:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-18 21:25 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-18 21:25 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-18 21:25 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-18 21:25 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-18 21:25 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-18 21:25 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-18 21:25 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-18 21:24 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-18 21:24 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-18 21:24 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-18 21:24 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-18 21:24 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-18 21:24 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-18 21:24 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-18 21:24 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-18 21:24 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-18 21:24 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-18 21:21 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-18 21:21 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-18 21:21 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 20:45 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-17 20:45 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-17 20:45 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-17 20:45 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-17 20:45 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-17 20:45 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-17 20:45 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-17 20:45 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-17 20:45 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-17 20:45 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-17 20:45 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-17 20:45 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-17 20:45 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 19:17 - 2013-10-11 19:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 20:54 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 14:49 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 14:49 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 14:33 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 14:33 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 14:33 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 14:33 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 14:33 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 14:33 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 14:33 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 14:33 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 12:14 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 12:14 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 12:14 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 12:14 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 12:09 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 12:09 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 12:09 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 12:06 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 12:06 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 12:06 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 12:06 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 12:06 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-06 19:29 - 2013-10-06 19:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 14:55 - 2013-10-05 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 13:50 - 2013-10-21 20:30 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-01 11:28 - 2013-10-01 11:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 10:51 - 2013-10-01 10:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gepräch.mp4
2013-10-01 10:49 - 2013-10-01 11:41 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett

==================== One Month Modified Files and Folders =======

2013-10-26 13:05 - 2013-05-14 11:36 - 00000000 ____D C:\ProgramData\MFAData
2013-10-26 13:04 - 2013-10-26 13:04 - 00000000 ____D C:\FRST
2013-10-26 13:04 - 2013-03-06 12:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2229220886-3483987971-1552778777-1001
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-26 12:59 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 01:18 - 2012-10-22 07:38 - 01246500 _____ C:\Windows\WindowsUpdate.log
2013-10-26 01:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-26 00:23 - 2012-08-03 04:22 - 00056704 _____ C:\Windows\PFRO.log
2013-10-26 00:11 - 2013-10-26 00:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 00:10 - 2013-10-26 00:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 22:32 - 2013-10-25 22:26 - 00000000 ____D C:\AdwCleaner
2013-10-25 22:25 - 2013-10-25 22:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Downloads\adwcleaner-3.010.exe
2013-10-25 22:02 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-25 21:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-25 20:28 - 2013-03-06 11:24 - 00000000 ____D C:\Users\[Vorname Nachname]
2013-10-25 20:27 - 2013-10-25 20:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 20:26 - 2013-03-06 22:59 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\CrashDumps
2013-10-25 20:20 - 2013-10-25 20:19 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-25 19:49 - 2013-03-06 17:01 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Adobe
2013-10-24 22:08 - 2012-10-22 08:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-24 22:08 - 2012-10-22 08:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-24 22:08 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-24 12:09 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-22 22:12 - 2013-10-22 22:11 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 22:12 - 2013-03-15 18:47 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Audible
2013-10-21 20:30 - 2013-10-05 13:50 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-21 19:25 - 2013-04-16 12:31 - 00000000 ____D C:\Update
2013-10-21 16:50 - 2013-10-21 16:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 16:49 - 2012-10-22 07:33 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-10-21 16:46 - 2012-07-26 09:21 - 00042543 _____ C:\Windows\setupact.log
2013-10-21 16:43 - 2012-10-22 08:11 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 16:43 - 2012-10-22 08:00 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-21 16:43 - 2003-03-18 20:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-10-21 16:43 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-10-21 16:42 - 2013-10-21 16:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 16:41 - 2012-10-22 07:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 16:23 - 2013-05-14 11:37 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-21 16:20 - 2013-10-21 16:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 16:20 - 2013-10-21 16:16 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 16:20 - 2013-05-14 11:37 - 00000000 ___HD C:\$AVG
2013-10-21 16:20 - 2013-05-14 11:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-21 16:19 - 2013-10-21 16:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 16:19 - 2013-08-28 21:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-21 16:19 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-21 11:33 - 2013-10-21 11:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 11:33 - 2013-10-21 11:32 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 11:33 - 2013-06-23 21:59 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 15:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-20 13:11 - 2013-03-06 11:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-20 13:11 - 2013-03-06 11:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-20 00:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 12:35 - 2013-03-06 12:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 12:20 - 2013-07-21 16:56 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 12:16 - 2013-04-17 12:23 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 19:17 - 2013-10-11 19:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 18:01 - 2013-05-14 10:04 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Bewerbungsunterlagen
2013-10-08 07:50 - 2013-10-21 11:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-21 11:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-21 11:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-21 11:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-06 19:39 - 2013-08-24 15:49 - 00000000 ____D C:\Users\[Vorname Nachname]\.gimp-2.8
2013-10-06 19:29 - 2013-10-06 19:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 22:01 - 2013-03-06 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 19:40 - 2013-05-04 11:42 - 00007680 _____ C:\Users\[Vorname Nachname]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-05 14:55 - 2013-10-05 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 03:38 - 2013-09-12 17:29 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-12 17:29 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 11:41 - 2013-10-01 10:49 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett
2013-10-01 11:28 - 2013-10-01 11:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 10:51 - 2013-10-01 10:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gepräch.mp4
2013-10-01 10:34 - 2013-07-08 10:34 - 00000000 ____D C:\Users\[Vorname Nachname]\dwhelper

Some content of TEMP:
====================
C:\Users\[Vorname Nachname]\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\Quarantine.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\ResetDevice.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-19 12:54

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

ADDITION:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2013
Ran by [Vorname Nachname ] at 2013-10-26 13:05:45
Running from C:\Users\[Vorname Nachname ]\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
AFPL Ghostscript 8.54 (x32)
AFPL Ghostscript Fonts (x32)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.5.100.21010)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Ashampoo Photo Commander 10 v.10.2.1 (x32 Version: 10.2.1)
AudibleManager (x32 Version: 18414980.4759644.48.2000878978)
AVG 2014 (Version: 14.0.3615)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
Bejeweled 3 (x32 Version: 2.2.0.98)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)
Canon IJ Scan Utility (x32)
Canon MG3200 series Benutzerregistrierung (x32)
Canon MG3200 series MP Drivers (Version: 1.01)
Canon MG3200 series On-screen Manual (x32 Version: 7.5.0)
Canon My Image Garden (x32 Version: 1.0.0)
Canon My Image Garden Design Files (x32 Version: 1.0.0)
Canon My Printer (x32 Version: 3.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1010.1519.25530)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1010.1519.25530)
Catalyst Control Center InstallProxy (x32 Version: 2012.1010.1519.25530)
Catalyst Control Center Localization All (x32 Version: 2012.1010.1519.25530)
CCC Help Chinese Standard (x32 Version: 2012.1010.1518.25530)
CCC Help Chinese Traditional (x32 Version: 2012.1010.1518.25530)
CCC Help Czech (x32 Version: 2012.1010.1518.25530)
CCC Help Danish (x32 Version: 2012.1010.1518.25530)
CCC Help Dutch (x32 Version: 2012.1010.1518.25530)
CCC Help English (x32 Version: 2012.1010.1518.25530)
CCC Help Finnish (x32 Version: 2012.1010.1518.25530)
CCC Help French (x32 Version: 2012.1010.1518.25530)
CCC Help German (x32 Version: 2012.1010.1518.25530)
CCC Help Greek (x32 Version: 2012.1010.1518.25530)
CCC Help Hungarian (x32 Version: 2012.1010.1518.25530)
CCC Help Italian (x32 Version: 2012.1010.1518.25530)
CCC Help Japanese (x32 Version: 2012.1010.1518.25530)
CCC Help Korean (x32 Version: 2012.1010.1518.25530)
CCC Help Norwegian (x32 Version: 2012.1010.1518.25530)
CCC Help Polish (x32 Version: 2012.1010.1518.25530)
CCC Help Portuguese (x32 Version: 2012.1010.1518.25530)
CCC Help Russian (x32 Version: 2012.1010.1518.25530)
CCC Help Spanish (x32 Version: 2012.1010.1518.25530)
CCC Help Swedish (x32 Version: 2012.1010.1518.25530)
CCC Help Thai (x32 Version: 2012.1010.1518.25530)
CCC Help Turkish (x32 Version: 2012.1010.1518.25530)
ccc-utility64 (Version: 2012.1010.1519.25530)
CDBurnerXP (x32 Version: 4.5.2.4214)
CDex - Open Source Digital Audio CD Extractor (x32 Version: 1.70.4.2009)
Chronicles of Albian (x32 Version: 2.2.0.110)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Colourificator (x32)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923)
CyberLink PowerDVD (x32 Version: 9.0.6426.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
FATE (x32 Version: 2.2.0.97)
FDUx86 (x32 Version: 1.0.0)
FreePDF (Remove only) (x32)
GIMP 2.8.6 (Version: 2.8.6)
Google Update Helper (x32 Version: 1.3.23.0)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110)
HUAWEI DataCard Driver 4.20.12.00 (x32 Version: 4.20.12.00)
Intel AppUp(SM) center (x32 Version: 03.05.11)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IrfanView (remove only) (x32 Version: 4.35)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
KUx86 (x32 Version: 1.0.0)
Luxor HD (x32 Version: 2.2.0.110)
Mahjongg Artifacts (x32 Version: 2.2.0.110)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Parental Controls (x32 Version: 1.0.482.4)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Picture It! 2000 (x32 Version: 4.0.0.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobile Connection Manager (x32)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Office-Bibliothek 4.0 (x32)
PDF24 Creator 5.3.0 (x32)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayMemories Home (x32 Version: 6.3.02.07270)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.218)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
RealUpgrade 1.1 (x32 Version: 1.1.0)
RedMon - Redirection Port Monitor
Remote Keyboard (x32 Version: 1.2.0.09270)
Restore (x32 Version: 1.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Snap.Do (x32 Version: 1.149.1.12678)
Spybot - Search & Destroy (x32 Version: 2.1.21)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.16.2)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
VAIO - Remote-Tastatur (x32 Version: 1.2.0.09270)
VAIO - Xperia Link (x32 Version: 1.0.1.10180)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 1.2.0.08150)
VAIO Gate (x32 Version: 3.0.1.02270)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Image Optimizer (x32 Version: 3.2.00.07040)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
WildTangent Games App (x32 Version: 4.0.8.7)
WildTangent-Spiele (x32 Version: 1.0.3.0)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
XperiaLinkx86 (x32 Version: 1.0.0)

==================== Restore Points  =========================

10-10-2013 10:52:22 Windows Update
13-10-2013 15:43:25 Windows Update
17-10-2013 10:08:11 Windows Update
21-10-2013 09:31:49 Installed Java 7 Update 45
25-10-2013 19:35:48 S

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01CA97A3-31CB-4D31-A749-84D7EB853EA6} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {03181DBC-A6FB-4D2A-ADE0-30E94DF3B2DC} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {06E5CD31-2028-4285-BAF1-EC1740868D1B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2229220886-3483987971-1552778777-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {0CA0C674-AF05-4B78-94DA-C4595CC739C3} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {1587E52F-91D6-4FF4-9CC3-298A4A799CD6} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {251E4D59-EFBE-4863-99D1-9286AAFF7BAD} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {2978EC2B-9A6D-4267-A6DF-4F33FF44C54C} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {2A26A0E5-487F-4CAA-8CAD-C8DF002E079F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {38F1021E-10B2-496F-8041-E604FBCC456F} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {4EB289E7-1220-4EFC-B73A-770FCE6FB15E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {53ACC749-81C3-4BB2-93EC-94BA7571731E} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {5703FCCA-D24D-4BB2-8F04-3578F7EF4C0B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {6D191478-6BC8-4863-A237-FD1C0304B273} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {7C479F16-F23C-4524-B815-74D23E09C08D} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {7CE3EFBA-733D-4E90-A1DE-CAE1A4FB93F4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {81D9E42E-4E31-4EEB-A030-67F70AA8A069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {8FB93742-8BCD-4338-9644-54D41FEE492E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2229220886-3483987971-1552778777-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A19D2754-ACEB-42CE-94B5-898B30E87805} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {A8199B4A-69D5-44B0-82D3-58343A71A900} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {ADA75012-7E73-4547-8DA9-F68A0AC49C00} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BB668122-685E-486C-8165-CB0B98555DB4} - \Scheduled Update for Ask Toolbar No Task File
Task: {BB70592C-81D5-4CCF-9944-5B68BB4EDD3B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {C96B1444-5BC9-4E41-92EC-8C4F38235471} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {CA367B8F-D04F-46FC-8ABF-86C402AF1BAE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {CC5A4D54-37FC-4DFA-B12F-91B974CFC5A2} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {EC4537BA-E61F-42CF-B225-134AFE286F41} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {F04171D9-6FB5-4C3A-B8A3-F8F02E364D64} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {F2C9919C-B71D-4291-8572-E755A0859891} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-01] (Sony Corporation)
Task: {F9AD1AF8-284D-426B-B32F-5CCA96C5A13E} - \Dealply No Task File
Task: {FA16BEBA-BD6A-4490-957C-C5A845C810C7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)

==================== Loaded Modules (whitelisted) =============

2012-12-28 12:07 - 2012-12-28 12:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 12:04 - 2012-12-28 12:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 12:10 - 2012-12-28 12:10 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-28 12:04 - 2012-12-28 12:04 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-09-18 13:35 - 2013-09-18 13:35 - 01121792 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\937d81c961078049761a9c1e9abb6ef4\Windows.Storage.ni.dll
2013-09-18 13:36 - 2013-09-18 13:36 - 01061888 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\a4aef785d3ce787535cf39a1a67f6b48\Windows.ApplicationModel.ni.dll
2013-09-18 13:35 - 2013-09-18 13:35 - 00351232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\967740f7ed74ebe361d82cba59a694b2\Windows.Data.ni.dll
2013-09-18 13:35 - 2013-09-18 13:35 - 00295936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\14050be959443e89237e6c9136ea8e5e\Windows.Foundation.ni.dll
2012-10-10 15:17 - 2012-10-10 15:17 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-06 22:55 - 2001-03-07 15:09 - 00049152 _____ () C:\Program Files (x86)\Office-Bibliothek\KDHook.dll
2013-03-06 22:55 - 1999-12-16 10:33 - 00032768 _____ () C:\Program Files (x86)\Office-Bibliothek\KapKey.dll
2013-08-28 21:24 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-08-28 21:24 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-08-28 21:24 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-28 21:24 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-08-28 21:24 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-03-06 22:55 - 2001-03-12 18:02 - 00045056 _____ () C:\Program Files (x86)\Office-Bibliothek\KDMod.dll
2013-03-06 22:55 - 2005-07-29 08:25 - 00176128 _____ () C:\Program Files (x86)\Office-Bibliothek\PAGOFFBIB.dll
2013-03-06 22:55 - 2005-07-29 08:25 - 00040960 _____ () C:\Program Files (x86)\Office-Bibliothek\OLEACC.dll
2013-03-06 22:55 - 2001-01-17 09:50 - 00266310 _____ () C:\Program Files (x86)\Office-Bibliothek\activepg.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-10-22 08:01 - 2012-06-25 15:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2011-05-19 15:30 - 2011-05-19 15:30 - 00125304 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\AgendaLib.dll
2010-12-01 18:29 - 2010-12-01 18:29 - 00508760 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\sqlite3.dll
2011-01-20 16:49 - 2011-01-20 16:49 - 00021880 _____ () C:\Program Files (x86)\o2\Mobile Connection Manager\langs\de_DE_md.dll
2011-06-01 13:22 - 2011-06-01 13:22 - 00201080 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgalc.dll
2011-06-01 13:22 - 2011-06-01 13:22 - 00190840 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plgati.dll
2011-06-01 13:22 - 2011-06-01 13:22 - 00409976 _____ () C:\Program Files (x86)\o2\Nori\legplgs\plghwi.dll
2012-10-22 08:11 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-05 14:55 - 2013-10-05 14:55 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-10-22 07:34 - 2012-08-06 19:54 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: USB2.0 Camera
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Mikrofon (Realtek High Definition Audio)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Qualcomm Atheros AR3012 Bluetooth(R) Adapter
Description: Qualcomm Atheros AR3012 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2013 08:26:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x1ac8
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/25/2013 08:24:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x11bc
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/25/2013 08:16:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x1da8
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/25/2013 08:15:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x1edc
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/25/2013 08:14:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x1c90
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/25/2013 08:14:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.0.2.2171, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x4b46d312
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f72
ID des fehlerhaften Prozesses: 0x1380
Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0
Pfad der fehlerhaften Anwendung: StreamTransport.exe1
Pfad des fehlerhaften Moduls: StreamTransport.exe2
Berichtskennung: StreamTransport.exe3
Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5

Error: (10/24/2013 05:39:02 PM) (Source: RasClient) (User: )
Description: CoID={D5C2CDF0-0438-4F86-B82F-081AA54F091E}: Der Benutzer "VAIO\[Vorname Nachname ]" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (10/23/2013 00:39:04 PM) (Source: RasClient) (User: )
Description: CoID={C9E946DA-7FDB-47D3-BB4B-B71D0C9C5451}: Der Benutzer "VAIO\[Vorname Nachname ]" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (10/22/2013 05:31:24 PM) (Source: RasClient) (User: )
Description: CoID={A8D2048D-D895-41C2-AB93-00718052DDF6}: Der Benutzer "VAIO\[Vorname Nachname ]" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (10/22/2013 00:09:56 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: officebib.exe, Version: 4.0.0.0, Zeitstempel: 0x4249567c
Name des fehlerhaften Moduls: officebib.exe, Version: 4.0.0.0, Zeitstempel: 0x4249567c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000da80b
ID des fehlerhaften Prozesses: 0x1dd4
Startzeit der fehlerhaften Anwendung: 0xofficebib.exe0
Pfad der fehlerhaften Anwendung: officebib.exe1
Pfad des fehlerhaften Moduls: officebib.exe2
Berichtskennung: officebib.exe3
Vollständiger Name des fehlerhaften Pakets: officebib.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: officebib.exe5


System errors:
=============
Error: (10/26/2013 00:59:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/26/2013 00:24:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 10:33:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 10:30:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 10:03:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 08:56:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2013 08:28:12 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (10/25/2013 08:26:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/25/2013 08:10:49 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (10/25/2013 08:26:30 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f721ac801ced1afa9b0ad59C:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dllf72e98ca-3da2-11e3-8209-30f9edc559eb

Error: (10/25/2013 08:24:29 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f7211bc01ced1af587f93ddC:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dllaf63c782-3da2-11e3-8209-30f9edc559eb

Error: (10/25/2013 08:16:57 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f721da801ced1ae5faff5d0C:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dlla1ffadb0-3da1-11e3-8209-30f9edc559eb

Error: (10/25/2013 08:15:16 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f721edc01ced1ae2353de97C:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dll65739ad9-3da1-11e3-8209-30f9edc559eb

Error: (10/25/2013 08:14:40 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f721c9001ced1ae0dad5a5cC:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dll500f6e54-3da1-11e3-8209-30f9edc559eb

Error: (10/25/2013 08:14:14 PM) (Source: Application Error)(User: )
Description: StreamTransport.exe1.0.2.21712a425e19sockhook.dll1.0.2.4364b46d312c000000500001f72138001ced1adf1175af8C:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dll40e601dc-3da1-11e3-8209-30f9edc559eb

Error: (10/24/2013 05:39:02 PM) (Source: RasClient)(User: )
Description: {D5C2CDF0-0438-4F86-B82F-081AA54F091E}VAIO\[Vorname Nachname ]o2 Internet0

Error: (10/23/2013 00:39:04 PM) (Source: RasClient)(User: )
Description: {C9E946DA-7FDB-47D3-BB4B-B71D0C9C5451}VAIO\[Vorname Nachname ]o2 Internet0

Error: (10/22/2013 05:31:24 PM) (Source: RasClient)(User: )
Description: {A8D2048D-D895-41C2-AB93-00718052DDF6}VAIO\[Vorname Nachname ]o2 Internet0

Error: (10/22/2013 00:09:56 PM) (Source: Application Error)(User: )
Description: officebib.exe4.0.0.04249567cofficebib.exe4.0.0.04249567cc0000005000da80b1dd401cecf0eda23987bC:\Program Files (x86)\Office-Bibliothek\officebib.exeC:\Program Files (x86)\Office-Bibliothek\officebib.exe19762acd-3b02-11e3-81fa-001e101f629b


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 4043.27 MB
Available physical RAM: 1861.2 MB
Total Pagefile: 4747.27 MB
Available Pagefile: 2298.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:566.31 GB) (Free:490.55 GB) NTFS
Drive e: (o2) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 9A29B23F)

Partition: GPT Partition Type
==================== End Of Log ============================

schrauber · 26.10.2013, 18:18

Nee da steht nix wichtiges drin.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

pferdedings · 26.10.2013, 19:40

Hallo schrauber,

vielen Dank schon mal!
Den adwcleaner hatte ich ja gestern schon einmal laufen. Habe es nun nochmal gemacht und hier der aktuelle Bericht (wenn wichtig, kann ich den von gestern auch noch posten):

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 19:57:42
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : [Vorname Nachname] - VAIO
# Gestartet von : C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\[Name]~1\AppData\Local\Temp\Smartbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\smartbar

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [17409 octets] - [25/10/2013 22:26:36]
AdwCleaner[R1].txt - [1096 octets] - [25/10/2013 22:31:36]
AdwCleaner[R2].txt - [1214 octets] - [26/10/2013 19:55:55]
AdwCleaner[S0].txt - [16959 octets] - [25/10/2013 22:28:31]
AdwCleaner[S1].txt - [1108 octets] - [25/10/2013 22:32:24]
AdwCleaner[S2].txt - [1087 octets] - [26/10/2013 19:57:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1147 octets] ##########

Und aus dem JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by [Vorname Nachname] on 26.10.2013 at 20:09:18,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services


~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default


~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2229220886-3483987971-1552778777-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"


~~~ Files


~~~ Folders


~~~ FireFox

Emptied folder: C:\Users\[Vorname Nachname]\AppData\Roaming\mozilla\firefox\profiles\nuajyhxd.default\minidumps [34 files]


~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2013 at 20:18:14,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und hier nochmal FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by [Vorname Nachname] (administrator) on VAIO on 26-10-2013 20:23:50
Running from C:\Users\[Vorname Nachname]\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
() C:\Program Files (x86)\Office-Bibliothek\PCLib.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Windows\SysWOW64\txtuser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))
HKCU\...\Run: [Colourificator] - C:\Program Files\Colourificator\Colourificator.exe mini
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\[Vorname Nachname]\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ec2b1693f28847d39ca5d977c838908f-6c7e4ce8503bdfe11eaee6babc09dc7f8809a310 --CMPID 0913b
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
MountPoints2: {1844f2f5-d737-11e2-bfb1-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e664-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e6c5-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e6ee-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e711-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {22d6a11c-bd36-11e2-bf28-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {2f8ba441-c7bf-11e2-bf66-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0c7-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0e6-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a150-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {89777381-bd6e-11e2-bf2c-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {a32a4445-c38a-11e2-bf46-001e101fe855} - "E:\AutoRun.exe" 
MountPoints2: {ad1dcf32-bd34-11e2-bf27-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf731fe7-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf73200f-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e5914-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e594a-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {ef22ea4a-c7ac-11e2-bf65-001e101f6ae6} - "E:\AutoRun.exe" 
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-07-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
Startup: C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: SQLiteManager - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: Adblock Plus - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{805B6B27-BC87-4B30-9429-2F90B911A0E5}\iscflashx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 20:18 - 2013-10-26 20:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 20:09 - 2013-10-26 20:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 20:06 - 2013-10-26 20:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 20:02 - 2013-10-26 20:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 13:05 - 2013-10-26 13:15 - 00038380 _____ C:\Users\[Vorname Nachname]\Desktop\Addition.txt
2013-10-26 13:04 - 2013-10-26 13:04 - 00000000 ____D C:\FRST
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-26 00:11 - 2013-10-26 00:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 00:11 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-26 00:10 - 2013-10-26 00:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 22:26 - 2013-10-26 19:57 - 00000000 ____D C:\AdwCleaner
2013-10-25 22:25 - 2013-10-25 22:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 20:27 - 2013-10-25 20:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 20:19 - 2013-10-25 20:20 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-22 22:11 - 2013-10-22 22:12 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 16:50 - 2013-10-21 16:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 16:46 - 2012-10-03 20:04 - 05540008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-10-21 16:46 - 2012-10-03 20:02 - 10316800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-10-21 16:46 - 2012-10-03 19:59 - 24854528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-10-21 16:46 - 2012-10-03 19:31 - 20445696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-10-21 16:46 - 2012-10-03 18:58 - 00070144 _____ (AMD) C:\Windows\system32\coinst_8.982.10.8.dll
2013-10-21 16:46 - 2012-10-03 18:56 - 00270536 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-10-21 16:46 - 2012-10-03 18:56 - 00270536 _____ C:\Windows\system32\atiapfxx.blb
2013-10-21 16:46 - 2012-10-03 18:55 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-10-21 16:46 - 2012-10-03 18:54 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-10-21 16:46 - 2012-10-03 18:54 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 16034304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-10-21 16:46 - 2012-10-03 18:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-10-21 16:46 - 2012-10-03 18:49 - 13605888 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-10-21 16:46 - 2012-10-03 18:46 - 00927744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-10-21 16:46 - 2012-10-03 18:42 - 06430208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-10-21 16:46 - 2012-10-03 18:32 - 00534528 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-10-21 16:46 - 2012-10-03 18:32 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-10-21 16:46 - 2012-10-03 18:31 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-10-21 16:46 - 2012-10-03 18:30 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-10-21 16:46 - 2012-10-03 18:29 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-10-21 16:46 - 2012-10-03 18:28 - 04753408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00540672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-10-21 16:46 - 2012-10-03 18:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-10-21 16:46 - 2012-10-03 18:07 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-10-21 16:46 - 2012-10-03 18:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-10-21 16:46 - 2012-10-03 18:06 - 00083456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-10-21 16:46 - 2012-10-03 18:05 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-10-21 16:46 - 2012-08-02 17:34 - 00038316 _____ C:\Windows\atiogl.xml
2013-10-21 16:42 - 2013-10-21 16:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 16:20 - 2013-10-21 16:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 16:19 - 2013-10-21 16:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 16:16 - 2013-10-21 16:20 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 11:33 - 2013-10-21 11:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 11:33 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 11:33 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 11:33 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 11:33 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 11:32 - 2013-10-21 11:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-18 21:25 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-18 21:25 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-18 21:25 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-18 21:25 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-18 21:25 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-18 21:25 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-18 21:25 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-18 21:24 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-18 21:24 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-18 21:24 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-18 21:24 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-18 21:24 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-18 21:24 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-18 21:24 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-18 21:24 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-18 21:24 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-18 21:24 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-18 21:21 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-18 21:21 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-18 21:21 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-18 21:21 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 20:45 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-17 20:45 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-17 20:45 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-17 20:45 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-17 20:45 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-17 20:45 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-17 20:45 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-17 20:45 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-17 20:45 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-17 20:45 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-17 20:45 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-17 20:45 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-17 20:45 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-17 20:45 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-17 20:45 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-17 20:45 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-17 20:45 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 19:17 - 2013-10-11 19:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 20:54 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 14:49 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 14:49 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 14:33 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 14:33 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 14:33 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 14:33 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 14:33 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 14:33 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 14:33 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 14:33 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 12:14 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 12:14 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 12:14 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 12:14 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 12:09 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 12:09 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 12:09 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 12:09 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 12:06 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 12:06 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 12:06 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 12:06 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 12:06 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-06 19:29 - 2013-10-06 19:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 14:55 - 2013-10-05 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 13:50 - 2013-10-21 20:30 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-01 11:28 - 2013-10-01 11:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 10:51 - 2013-10-01 10:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Ein Gespräch.mp4
2013-10-01 10:49 - 2013-10-01 11:41 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett

==================== One Month Modified Files and Folders =======

2013-10-26 20:21 - 2013-08-07 19:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-26 20:18 - 2013-10-26 20:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 20:17 - 2013-03-06 12:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2229220886-3483987971-1552778777-1001
2013-10-26 20:09 - 2013-10-26 20:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 20:06 - 2013-10-26 20:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 20:02 - 2013-10-26 20:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 19:59 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 19:57 - 2013-10-25 22:26 - 00000000 ____D C:\AdwCleaner
2013-10-26 19:57 - 2012-10-22 07:38 - 01478798 _____ C:\Windows\WindowsUpdate.log
2013-10-26 19:47 - 2013-05-14 11:36 - 00000000 ____D C:\ProgramData\MFAData
2013-10-26 14:53 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-26 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-26 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-26 13:15 - 2013-10-26 13:05 - 00038380 _____ C:\Users\[Vorname Nachname]\Desktop\Addition.txt
2013-10-26 13:04 - 2013-10-26 13:04 - 00000000 ____D C:\FRST
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 13:03 - 2013-10-26 13:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-26 00:23 - 2012-08-03 04:22 - 00056704 _____ C:\Windows\PFRO.log
2013-10-26 00:11 - 2013-10-26 00:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-26 00:11 - 2013-10-26 00:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 00:10 - 2013-10-26 00:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 22:25 - 2013-10-25 22:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 20:28 - 2013-03-06 11:24 - 00000000 ____D C:\Users\[Vorname Nachname]
2013-10-25 20:27 - 2013-10-25 20:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 20:26 - 2013-03-06 22:59 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\CrashDumps
2013-10-25 20:20 - 2013-10-25 20:19 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-25 19:49 - 2013-03-06 17:01 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Adobe
2013-10-24 22:08 - 2012-10-22 08:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-24 22:08 - 2012-10-22 08:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-24 22:08 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-24 12:09 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-22 22:12 - 2013-10-22 22:11 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 22:12 - 2013-03-15 18:47 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Audible
2013-10-21 20:30 - 2013-10-05 13:50 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-21 19:25 - 2013-04-16 12:31 - 00000000 ____D C:\Update
2013-10-21 16:50 - 2013-10-21 16:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 16:49 - 2013-10-21 16:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 16:49 - 2012-10-22 07:33 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-10-21 16:46 - 2012-07-26 09:21 - 00042543 _____ C:\Windows\setupact.log
2013-10-21 16:43 - 2012-10-22 08:11 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 16:43 - 2012-10-22 08:00 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-21 16:43 - 2003-03-18 20:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-10-21 16:43 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-10-21 16:42 - 2013-10-21 16:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 16:41 - 2012-10-22 07:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 16:23 - 2013-05-14 11:37 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-21 16:20 - 2013-10-21 16:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 16:20 - 2013-10-21 16:16 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 16:20 - 2013-05-14 11:37 - 00000000 ___HD C:\$AVG
2013-10-21 16:20 - 2013-05-14 11:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-21 16:19 - 2013-10-21 16:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 16:19 - 2013-08-28 21:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-21 16:19 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-21 11:33 - 2013-10-21 11:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 11:33 - 2013-10-21 11:32 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 11:33 - 2013-06-23 21:59 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 15:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-20 13:11 - 2013-03-06 11:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-20 13:11 - 2013-03-06 11:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-20 00:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 12:35 - 2013-03-06 12:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 12:20 - 2013-07-21 16:56 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 12:16 - 2013-04-17 12:23 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 19:17 - 2013-10-11 19:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 18:01 - 2013-05-14 10:04 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Bewerbungsunterlagen
2013-10-08 07:50 - 2013-10-21 11:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-21 11:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-21 11:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-21 11:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-06 19:39 - 2013-08-24 15:49 - 00000000 ____D C:\Users\[Vorname Nachname]\.gimp-2.8
2013-10-06 19:29 - 2013-10-06 19:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 22:01 - 2013-03-06 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 19:40 - 2013-05-04 11:42 - 00007680 _____ C:\Users\[Vorname Nachname]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-05 14:55 - 2013-10-05 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 03:38 - 2013-09-12 17:29 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-12 17:29 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 11:41 - 2013-10-01 10:49 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett
2013-10-01 11:28 - 2013-10-01 11:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 10:51 - 2013-10-01 10:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gespräch.mp4
2013-10-01 10:34 - 2013-07-08 10:34 - 00000000 ____D C:\Users\[Vorname Nachname]\dwhelper

Some content of TEMP:
====================
C:\Users\[Vorname Nachname]\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\Quarantine.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\ResetDevice.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-19 12:54

==================== End Of Log ============================

--- --- ---

Junkware Removal Tool klingt gut, aber in der Systemsteuerung wird das Snap.do immer noch angezeigt.

schrauber · 27.10.2013, 07:50

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
Snap.Do
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

pferdedings · 27.10.2013, 17:03

Hallo schrauber,

ich habe alles durchgeführt, aber in der Systemsteuerung ist das snap.do nach wie vor als Programm mit 23,5MB. Wenn man auf "Deinstallieren" geht, kommt "The feature you are trying to use is on a network resource that is unavailable." "Click OK to try again, or enter an alternat path to a folder containing the installation package "installer.msi" in the box below." "Die Installationsquelle dieser Anwendung steht nicht zur Verfügung."
Also das ist unverändert.

Hier die Logs:

System Look

SystemLook 30.07.11 by jpshortstuff
Log created at 14:18 on 27/10/2013 by [Vorname Nachname]
Administrator - Elevation successful

========== regfind ==========

Searching for "Snap.Do"
[HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\7BEB351B42FE32345848F39E65AA7E1D]
"ProductName"="Snap.Do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2229220886-3483987971-1552778777-1001\Products\7BEB351B42FE32345848F39E65AA7E1D\InstallProperties]
"HelpLink"="hxxp://snap.do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2229220886-3483987971-1552778777-1001\Products\7BEB351B42FE32345848F39E65AA7E1D\InstallProperties]
"URLInfoAbout"="hxxp://snap.do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2229220886-3483987971-1552778777-1001\Products\7BEB351B42FE32345848F39E65AA7E1D\InstallProperties]
"DisplayName"="Snap.Do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B153BEB7-EF24-4323-8584-3FE956AAE7D1}]
"HelpLink"="hxxp://snap.do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B153BEB7-EF24-4323-8584-3FE956AAE7D1}]
"URLInfoAbout"="hxxp://snap.do"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B153BEB7-EF24-4323-8584-3FE956AAE7D1}]
"DisplayName"="Snap.Do"
[HKEY_USERS\S-1-5-21-2229220886-3483987971-1552778777-1001\Software\Microsoft\Installer\Products\7BEB351B42FE32345848F39E65AA7E1D]
"ProductName"="Snap.Do"

-= EOF =-

ESET hat nichts gefunden.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=342c5e803ab2784fa3b7dd95168715dc
# engine=15652
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-27 02:04:03
# local_time=2013-10-27 03:04:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=771 16777214 16 1 14355442 14355442 0 0
# compatibility_mode=5893 16776574 100 94 6203996 42388754 0 0
# scanned=98020
# found=0
# cleaned=0
# scan_time=2262

Security Check

Results of screen317's Security Check version 0.99.74
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
AVG AntiVirus Free Edition 2014
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox (24.0)
Mozilla Thunderbird (17.0.8)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by [Vorname Nachname] (administrator) on VAIO on 27-10-2013 16:47:32
Running from C:\Users\[Vorname Nachname]\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
() C:\Program Files (x86)\Office-Bibliothek\PCLib.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\SysWOW64\txtuser.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))
HKCU\...\Run: [Colourificator] - C:\Program Files\Colourificator\Colourificator.exe mini
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\[Vorname Nachname]\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ec2b1693f28847d39ca5d977c838908f-6c7e4ce8503bdfe11eaee6babc09dc7f8809a310 --CMPID 0913b
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
MountPoints2: {1844f2f5-d737-11e2-bfb1-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {1ee0e664-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {1ee0e6c5-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe"
MountPoints2: {1ee0e6ee-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe"
MountPoints2: {1ee0e711-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {22d6a11c-bd36-11e2-bf28-083e8edc797c} - "F:\AutoRun.exe"
MountPoints2: {2f8ba441-c7bf-11e2-bf66-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {3c51a0c7-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {3c51a0e6-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {3c51a150-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {89777381-bd6e-11e2-bf2c-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {a32a4445-c38a-11e2-bf46-001e101fe855} - "E:\AutoRun.exe"
MountPoints2: {ad1dcf32-bd34-11e2-bf27-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {cf731fe7-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {cf73200f-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {d38e5914-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {d38e594a-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe"
MountPoints2: {ef22ea4a-c7ac-11e2-bf65-001e101f6ae6} - "E:\AutoRun.exe"
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-07-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
Startup: C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: SQLiteManager - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: Adblock Plus - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{805B6B27-BC87-4B30-9429-2F90B911A0E5}\iscflashx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-27 16:44 - 2013-10-27 16:43 - 00891167 _____ C:\Users\[Vorname Nachname]\Downloads\SecurityCheck.exe
2013-10-27 16:44 - 2013-10-27 16:43 - 00891167 _____ C:\Users\[Vorname Nachname]\Desktop\SecurityCheck.exe
2013-10-27 14:23 - 2013-10-27 14:23 - 02347384 _____ (ESET) C:\Users\[Vorname Nachname]\Downloads\esetsmartinstaller_enu.exe
2013-10-27 14:18 - 2013-10-27 14:19 - 00003196 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook.txt
2013-10-27 14:17 - 2013-10-27 14:17 - 00165376 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook_x64.exe
2013-10-26 19:18 - 2013-10-26 19:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 19:09 - 2013-10-26 19:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 19:06 - 2013-10-26 19:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 19:02 - 2013-10-26 19:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 12:05 - 2013-10-26 12:15 - 00038380 _____ C:\Users\[Vorname Nachname]\Desktop\Addition.txt
2013-10-26 12:04 - 2013-10-26 12:04 - 00000000 ____D C:\FRST
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-25 23:11 - 2013-10-25 23:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:11 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-25 23:10 - 2013-10-25 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 21:26 - 2013-10-26 18:57 - 00000000 ____D C:\AdwCleaner
2013-10-25 21:25 - 2013-10-25 21:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 19:27 - 2013-10-25 19:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 19:19 - 2013-10-25 19:20 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-22 21:11 - 2013-10-22 21:12 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 15:46 - 2012-10-03 19:04 - 05540008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-10-21 15:46 - 2012-10-03 19:02 - 10316800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-10-21 15:46 - 2012-10-03 18:59 - 24854528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-10-21 15:46 - 2012-10-03 18:31 - 20445696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-10-21 15:46 - 2012-10-03 17:58 - 00070144 _____ (AMD) C:\Windows\system32\coinst_8.982.10.8.dll
2013-10-21 15:46 - 2012-10-03 17:56 - 00270536 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-10-21 15:46 - 2012-10-03 17:56 - 00270536 _____ C:\Windows\system32\atiapfxx.blb
2013-10-21 15:46 - 2012-10-03 17:55 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-10-21 15:46 - 2012-10-03 17:54 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-10-21 15:46 - 2012-10-03 17:54 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 16034304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-10-21 15:46 - 2012-10-03 17:49 - 13605888 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-10-21 15:46 - 2012-10-03 17:46 - 00927744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-10-21 15:46 - 2012-10-03 17:42 - 06430208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-10-21 15:46 - 2012-10-03 17:32 - 00534528 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-10-21 15:46 - 2012-10-03 17:32 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-10-21 15:46 - 2012-10-03 17:31 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-10-21 15:46 - 2012-10-03 17:30 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-10-21 15:46 - 2012-10-03 17:28 - 04753408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00540672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-10-21 15:46 - 2012-10-03 17:07 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-10-21 15:46 - 2012-10-03 17:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-10-21 15:46 - 2012-10-03 17:06 - 00083456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-10-21 15:46 - 2012-10-03 17:05 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-10-21 15:46 - 2012-08-02 16:34 - 00038316 _____ C:\Windows\atiogl.xml
2013-10-21 15:42 - 2013-10-21 15:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 15:20 - 2013-10-21 15:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 15:19 - 2013-10-21 15:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 15:16 - 2013-10-21 15:20 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 10:33 - 2013-10-21 10:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 10:33 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 10:33 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 10:33 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 10:33 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 10:32 - 2013-10-21 10:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-18 20:25 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-18 20:25 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-18 20:25 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-18 20:25 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-18 20:25 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-18 20:25 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-18 20:25 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-18 20:24 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-18 20:24 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-18 20:24 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-18 20:24 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-18 20:24 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-18 20:24 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-18 20:24 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-18 20:24 - 2013-07-31 00:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-18 20:24 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-18 20:24 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-18 20:21 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-18 20:21 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-18 20:21 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-18 18:03 - 2013-10-18 18:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 19:45 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-17 19:45 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-17 19:45 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-17 19:45 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-17 19:45 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-17 19:45 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-17 19:45 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-17 19:45 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-17 19:45 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-17 19:45 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-17 19:45 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-17 19:45 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-17 19:45 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 18:17 - 2013-10-11 18:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 19:54 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 13:49 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 13:49 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 13:33 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 13:33 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 13:33 - 2013-07-01 23:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 13:33 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 13:33 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 13:33 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 13:33 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 13:33 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 11:14 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 11:14 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:14 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:14 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 11:09 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 11:09 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 11:09 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 11:06 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:06 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:06 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 11:06 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 11:06 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-06 18:29 - 2013-10-06 18:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 13:55 - 2013-10-05 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 12:50 - 2013-10-21 19:30 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-01 10:28 - 2013-10-01 10:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 09:51 - 2013-10-01 09:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gespräch.mp4
2013-10-01 09:49 - 2013-10-01 10:41 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett

==================== One Month Modified Files and Folders =======

2013-10-27 16:43 - 2013-10-27 16:44 - 00891167 _____ C:\Users\[Vorname Nachname]\Downloads\SecurityCheck.exe
2013-10-27 16:43 - 2013-10-27 16:44 - 00891167 _____ C:\Users\[Vorname Nachname]\Desktop\SecurityCheck.exe
2013-10-27 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-27 15:10 - 2012-10-22 06:38 - 01636317 _____ C:\Windows\WindowsUpdate.log
2013-10-27 14:23 - 2013-10-27 14:23 - 02347384 _____ (ESET) C:\Users\[Vorname Nachname]\Downloads\esetsmartinstaller_enu.exe
2013-10-27 14:19 - 2013-10-27 14:18 - 00003196 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook.txt
2013-10-27 14:17 - 2013-10-27 14:17 - 00165376 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook_x64.exe
2013-10-27 14:08 - 2012-10-22 07:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-27 14:08 - 2012-10-22 07:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-27 14:08 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 14:06 - 2013-03-06 11:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2229220886-3483987971-1552778777-1001
2013-10-27 14:01 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 12:53 - 2013-05-14 10:36 - 00000000 ____D C:\ProgramData\MFAData
2013-10-26 19:21 - 2013-08-07 18:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-26 19:18 - 2013-10-26 19:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 19:09 - 2013-10-26 19:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 19:06 - 2013-10-26 19:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 19:02 - 2013-10-26 19:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 18:57 - 2013-10-25 21:26 - 00000000 ____D C:\AdwCleaner
2013-10-26 13:53 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-26 12:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-26 12:15 - 2013-10-26 12:05 - 00038380 _____ C:\Users\[Vorname Nachname]\Desktop\Addition.txt
2013-10-26 12:04 - 2013-10-26 12:04 - 00000000 ____D C:\FRST
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-25 23:23 - 2012-08-03 03:22 - 00056704 _____ C:\Windows\PFRO.log
2013-10-25 23:11 - 2013-10-25 23:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:10 - 2013-10-25 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 21:25 - 2013-10-25 21:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 19:28 - 2013-03-06 10:24 - 00000000 ____D C:\Users\[Vorname Nachname]
2013-10-25 19:27 - 2013-10-25 19:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 19:26 - 2013-03-06 21:59 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\CrashDumps
2013-10-25 19:20 - 2013-10-25 19:19 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-25 18:49 - 2013-03-06 16:01 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Adobe
2013-10-24 11:09 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-22 21:12 - 2013-10-22 21:11 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 21:12 - 2013-03-15 17:47 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Audible
2013-10-21 19:30 - 2013-10-05 12:50 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-21 18:25 - 2013-04-16 11:31 - 00000000 ____D C:\Update
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 15:49 - 2012-10-22 06:33 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-10-21 15:46 - 2012-07-26 08:21 - 00042543 _____ C:\Windows\setupact.log
2013-10-21 15:43 - 2012-10-22 07:11 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 15:43 - 2012-10-22 07:00 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-21 15:43 - 2003-03-18 19:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-10-21 15:43 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-10-21 15:42 - 2013-10-21 15:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 15:41 - 2012-10-22 06:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 15:23 - 2013-05-14 10:37 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-21 15:20 - 2013-10-21 15:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 15:20 - 2013-10-21 15:16 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 15:20 - 2013-05-14 10:37 - 00000000 ___HD C:\$AVG
2013-10-21 15:20 - 2013-05-14 10:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-21 15:19 - 2013-10-21 15:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 15:19 - 2013-08-28 20:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-21 15:19 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-21 10:33 - 2013-10-21 10:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 10:33 - 2013-10-21 10:32 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 10:33 - 2013-06-23 20:59 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 14:37 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-20 12:11 - 2013-03-06 10:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-20 12:11 - 2013-03-06 10:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-19 23:00 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-18 18:03 - 2013-10-18 18:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 11:35 - 2013-03-06 11:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 11:20 - 2013-07-21 15:56 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 11:16 - 2013-04-17 11:23 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 18:17 - 2013-10-11 18:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 17:01 - 2013-05-14 09:04 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Bewerbungsunterlagen
2013-10-08 06:50 - 2013-10-21 10:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-21 10:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-21 10:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-21 10:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-06 18:39 - 2013-08-24 14:49 - 00000000 ____D C:\Users\[Vorname Nachname]\.gimp-2.8
2013-10-06 18:29 - 2013-10-06 18:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 21:01 - 2013-03-06 12:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 18:40 - 2013-05-04 10:42 - 00007680 _____ C:\Users\[Vorname Nachname]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-05 13:55 - 2013-10-05 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 02:38 - 2013-09-12 16:29 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2013-09-12 16:29 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 10:41 - 2013-10-01 09:49 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett
2013-10-01 10:28 - 2013-10-01 10:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 09:51 - 2013-10-01 09:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gespräch.mp4
2013-10-01 09:34 - 2013-07-08 09:34 - 00000000 ____D C:\Users\[Vorname Nachname]\dwhelper

Some content of TEMP:
====================
C:\Users\[Vorname Nachname]\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\Quarantine.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\ResetDevice.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-19 11:54

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 27.10.2013, 19:09

Kopiere den Text in der Codebox in deinen Editor (z.B. Notepad) und speichere es unter dem Namen regfix.reg (bei Dateityp bitte "alle Dateien" wählen)

Code:

ATTFilter

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\7BEB351B42FE32345848F39E65AA7E1D]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B153BEB7-EF24-4323-8584-3FE956AAE7D1}]
[-HKEY_USERS\S-1-5-21-2229220886-3483987971-1552778777-1001\Software\Microsoft\Installer\Products\7BEB351B42FE32345848F39E65AA7E1D]

Starte die regfix.reg duch Doppelklick.

Sollte jetzt weg sein. Frisches FRST log bitte.

pferdedings · 27.10.2013, 20:01

Hey,

das ist ja super, tatsächlich, es ist wie weggezaubert - wie hast du das denn jetzt gemacht *staun*?

Vielen lieben Dank für deine Hilfe, ohne dein Engagement hier, wäre ich aufgeschmissen gewesen damit!

Werde in Zukunft nur noch von vertrauenswürdigen Seiten wie Chip oder Computerbild solche Freeware runterladen.

Hier nochmal FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by [Vorname Nachname] (administrator) on VAIO on 27-10-2013 19:43:45
Running from C:\Users\[Vorname Nachname]\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Nori\Nori.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
() C:\Program Files (x86)\Office-Bibliothek\PCLib.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Windows\SysWOW64\txtuser.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))
HKCU\...\Run: [Colourificator] - C:\Program Files\Colourificator\Colourificator.exe mini
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\[Vorname Nachname]\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ec2b1693f28847d39ca5d977c838908f-6c7e4ce8503bdfe11eaee6babc09dc7f8809a310 --CMPID 0913b
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
MountPoints2: {1844f2f5-d737-11e2-bfb1-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e664-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {1ee0e6c5-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e6ee-a2c3-11e2-bea6-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {1ee0e711-a2c3-11e2-bea6-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {22d6a11c-bd36-11e2-bf28-083e8edc797c} - "F:\AutoRun.exe" 
MountPoints2: {2f8ba441-c7bf-11e2-bf66-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0c7-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a0e6-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {3c51a150-a209-11e2-be9a-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {89777381-bd6e-11e2-bf2c-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {a32a4445-c38a-11e2-bf46-001e101fe855} - "E:\AutoRun.exe" 
MountPoints2: {ad1dcf32-bd34-11e2-bf27-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf731fe7-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {cf73200f-bd53-11e2-bf2b-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e5914-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {d38e594a-bd31-11e2-bf26-083e8edc797c} - "E:\AutoRun.exe" 
MountPoints2: {ef22ea4a-c7ac-11e2-bf65-001e101f6ae6} - "E:\AutoRun.exe" 
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-07-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
Startup: C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\..\Interfaces\{24A20C12-DEB8-46B7-A5D1-154B50666078}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: SQLiteManager - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: Adblock Plus - C:\Users\[Vorname Nachname]\AppData\Roaming\Mozilla\Firefox\Profiles\nuajyhxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{805B6B27-BC87-4B30-9429-2F90B911A0E5}\iscflashx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-27 19:42 - 2013-10-27 19:42 - 00000401 _____ C:\Users\[Vorname Nachname]\Desktop\regfix.reg
2013-10-27 16:44 - 2013-10-27 16:43 - 00891167 _____ C:\Users\[Vorname Nachname]\Downloads\SecurityCheck.exe
2013-10-27 16:44 - 2013-10-27 16:43 - 00891167 _____ C:\Users\[Vorname Nachname]\Desktop\SecurityCheck.exe
2013-10-27 14:23 - 2013-10-27 14:23 - 02347384 _____ (ESET) C:\Users\[Vorname Nachname]\Downloads\esetsmartinstaller_enu.exe
2013-10-27 14:18 - 2013-10-27 14:19 - 00003196 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook.txt
2013-10-27 14:17 - 2013-10-27 14:17 - 00165376 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook_x64.exe
2013-10-26 19:18 - 2013-10-26 19:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 19:09 - 2013-10-26 19:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 19:06 - 2013-10-26 19:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 19:02 - 2013-10-26 19:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 12:04 - 2013-10-26 12:04 - 00000000 ____D C:\FRST
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-25 23:11 - 2013-10-25 23:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:11 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-25 23:10 - 2013-10-25 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 21:26 - 2013-10-26 18:57 - 00000000 ____D C:\AdwCleaner
2013-10-25 21:25 - 2013-10-25 21:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 19:27 - 2013-10-25 19:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 19:19 - 2013-10-25 19:20 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-22 21:11 - 2013-10-22 21:12 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 15:46 - 2012-10-03 19:04 - 05540008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-10-21 15:46 - 2012-10-03 19:02 - 10316800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-10-21 15:46 - 2012-10-03 18:59 - 24854528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-10-21 15:46 - 2012-10-03 18:31 - 20445696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-10-21 15:46 - 2012-10-03 17:58 - 00070144 _____ (AMD) C:\Windows\system32\coinst_8.982.10.8.dll
2013-10-21 15:46 - 2012-10-03 17:56 - 00270536 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-10-21 15:46 - 2012-10-03 17:56 - 00270536 _____ C:\Windows\system32\atiapfxx.blb
2013-10-21 15:46 - 2012-10-03 17:55 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-10-21 15:46 - 2012-10-03 17:54 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-10-21 15:46 - 2012-10-03 17:54 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 16034304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-10-21 15:46 - 2012-10-03 17:53 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-10-21 15:46 - 2012-10-03 17:49 - 13605888 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-10-21 15:46 - 2012-10-03 17:46 - 00927744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-10-21 15:46 - 2012-10-03 17:42 - 06430208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-10-21 15:46 - 2012-10-03 17:32 - 00534528 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-10-21 15:46 - 2012-10-03 17:32 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-10-21 15:46 - 2012-10-03 17:31 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-10-21 15:46 - 2012-10-03 17:30 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-10-21 15:46 - 2012-10-03 17:29 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-10-21 15:46 - 2012-10-03 17:28 - 04753408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00540672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-10-21 15:46 - 2012-10-03 17:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-10-21 15:46 - 2012-10-03 17:07 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-10-21 15:46 - 2012-10-03 17:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-10-21 15:46 - 2012-10-03 17:06 - 00083456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-10-21 15:46 - 2012-10-03 17:05 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-10-21 15:46 - 2012-08-02 16:34 - 00038316 _____ C:\Windows\atiogl.xml
2013-10-21 15:42 - 2013-10-21 15:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 15:20 - 2013-10-21 15:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 15:19 - 2013-10-21 15:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 15:16 - 2013-10-21 15:20 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 10:33 - 2013-10-21 10:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 10:33 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 10:33 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 10:33 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 10:33 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 10:32 - 2013-10-21 10:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-18 20:25 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-18 20:25 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-18 20:25 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-18 20:25 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-18 20:25 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-18 20:25 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-18 20:25 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-18 20:24 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-18 20:24 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-18 20:24 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-18 20:24 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-18 20:24 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-18 20:24 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-18 20:24 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-18 20:24 - 2013-07-31 00:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-18 20:24 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-18 20:24 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-18 20:21 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-18 20:21 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-18 20:21 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-18 20:21 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-18 18:03 - 2013-10-18 18:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 19:45 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-17 19:45 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-17 19:45 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-17 19:45 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-17 19:45 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-17 19:45 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-17 19:45 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-17 19:45 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-17 19:45 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-17 19:45 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-17 19:45 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-17 19:45 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-17 19:45 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-17 19:45 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-17 19:45 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-17 19:45 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-17 19:45 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 18:17 - 2013-10-11 18:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 19:54 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 13:49 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 13:49 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 13:33 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 13:33 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 13:33 - 2013-07-01 23:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 13:33 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 13:33 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 13:33 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 13:33 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 13:33 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 11:14 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 11:14 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:14 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:14 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 11:09 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 11:09 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 11:09 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 11:09 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 11:06 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:06 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:06 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 11:06 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 11:06 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-06 18:29 - 2013-10-06 18:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 13:55 - 2013-10-05 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 12:50 - 2013-10-21 19:30 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-01 10:28 - 2013-10-01 10:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 09:51 - 2013-10-01 09:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gespräch.mp4
2013-10-01 09:49 - 2013-10-01 10:41 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett

==================== One Month Modified Files and Folders =======

2013-10-27 19:42 - 2013-10-27 19:42 - 00000401 _____ C:\Users\[Vorname Nachname]\Desktop\regfix.reg
2013-10-27 19:42 - 2013-03-06 11:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2229220886-3483987971-1552778777-1001
2013-10-27 19:37 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 18:56 - 2012-10-22 06:38 - 01752134 _____ C:\Windows\WindowsUpdate.log
2013-10-27 18:36 - 2012-10-22 07:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-27 18:36 - 2012-10-22 07:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-27 18:36 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 18:28 - 2012-08-03 03:22 - 00057546 _____ C:\Windows\PFRO.log
2013-10-27 18:19 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-27 18:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-27 17:21 - 2013-05-14 10:36 - 00000000 ____D C:\ProgramData\MFAData
2013-10-27 16:43 - 2013-10-27 16:44 - 00891167 _____ C:\Users\[Vorname Nachname]\Downloads\SecurityCheck.exe
2013-10-27 16:43 - 2013-10-27 16:44 - 00891167 _____ C:\Users\[Vorname Nachname]\Desktop\SecurityCheck.exe
2013-10-27 14:23 - 2013-10-27 14:23 - 02347384 _____ (ESET) C:\Users\[Vorname Nachname]\Downloads\esetsmartinstaller_enu.exe
2013-10-27 14:19 - 2013-10-27 14:18 - 00003196 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook.txt
2013-10-27 14:17 - 2013-10-27 14:17 - 00165376 _____ C:\Users\[Vorname Nachname]\Desktop\SystemLook_x64.exe
2013-10-26 19:21 - 2013-08-07 18:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-26 19:18 - 2013-10-26 19:18 - 00001606 _____ C:\Users\[Vorname Nachname]\Desktop\JRT.txt
2013-10-26 19:09 - 2013-10-26 19:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-26 19:06 - 2013-10-26 19:06 - 01033335 _____ (Thisisu) C:\Users\[Vorname Nachname]\Desktop\JRT.exe
2013-10-26 19:02 - 2013-10-26 19:02 - 00001227 _____ C:\Users\[Vorname Nachname]\Desktop\AdwCleaner[S2].txt
2013-10-26 18:57 - 2013-10-25 21:26 - 00000000 ____D C:\AdwCleaner
2013-10-26 12:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-26 12:04 - 2013-10-26 12:04 - 00000000 ____D C:\FRST
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Downloads\FRST64.exe
2013-10-26 12:03 - 2013-10-26 12:03 - 01956086 _____ (Farbar) C:\Users\[Vorname Nachname]\Desktop\FRST64.exe
2013-10-25 23:11 - 2013-10-25 23:11 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 23:11 - 2013-10-25 23:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:10 - 2013-10-25 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\[Vorname Nachname]\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 21:25 - 2013-10-25 21:25 - 01060070 _____ C:\Users\[Vorname Nachname]\Desktop\adwcleaner-3.010.exe
2013-10-25 19:28 - 2013-03-06 10:24 - 00000000 ____D C:\Users\[Vorname Nachname]
2013-10-25 19:27 - 2013-10-25 19:27 - 00002408 _____ C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-25 19:26 - 2013-03-06 21:59 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\CrashDumps
2013-10-25 19:20 - 2013-10-25 19:19 - 00000000 ____D C:\Users\[Vorname Nachname]\.mediathek3
2013-10-25 18:49 - 2013-03-06 16:01 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Adobe
2013-10-24 11:09 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-22 21:12 - 2013-10-22 21:11 - 00000000 ____D C:\Users\[Vorname Nachname]\Desktop\Bewerbung 1
2013-10-21 21:12 - 2013-03-15 17:47 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Audible
2013-10-21 19:30 - 2013-10-05 12:50 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Local\Avg2014
2013-10-21 18:25 - 2013-04-16 11:31 - 00000000 ____D C:\Update
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\ProgramData\ATI
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\ProgramData\AMD
2013-10-21 15:49 - 2013-10-21 15:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-21 15:49 - 2012-10-22 06:33 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-10-21 15:46 - 2012-07-26 08:21 - 00042543 _____ C:\Windows\setupact.log
2013-10-21 15:43 - 2012-10-22 07:11 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 15:43 - 2012-10-22 07:00 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-21 15:43 - 2003-03-18 19:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-10-21 15:43 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-10-21 15:42 - 2013-10-21 15:42 - 00000000 ____D C:\ProgramData\CLSK
2013-10-21 15:41 - 2012-10-22 06:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 15:23 - 2013-05-14 10:37 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-21 15:20 - 2013-10-21 15:20 - 00000000 ____D C:\Users\[Vorname Nachname]\AppData\Roaming\AVG2014
2013-10-21 15:20 - 2013-10-21 15:16 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-21 15:20 - 2013-05-14 10:37 - 00000000 ___HD C:\$AVG
2013-10-21 15:20 - 2013-05-14 10:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-21 15:19 - 2013-10-21 15:19 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-21 15:19 - 2013-08-28 20:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-21 15:19 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-21 10:33 - 2013-10-21 10:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 10:33 - 2013-10-21 10:32 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 10:33 - 2013-06-23 20:59 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 14:37 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-20 12:11 - 2013-03-06 10:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-20 12:11 - 2013-03-06 10:25 - 00000000 ___RD C:\Users\[Vorname Nachname]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-19 23:00 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-18 18:03 - 2013-10-18 18:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 11:35 - 2013-03-06 11:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 11:20 - 2013-07-21 15:56 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 11:16 - 2013-04-17 11:23 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 18:17 - 2013-10-11 18:17 - 00389032 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 17:01 - 2013-05-14 09:04 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Bewerbungsunterlagen
2013-10-08 06:50 - 2013-10-21 10:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-21 10:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-21 10:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-21 10:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-06 18:39 - 2013-08-24 14:49 - 00000000 ____D C:\Users\[Vorname Nachname]\.gimp-2.8
2013-10-06 18:29 - 2013-10-06 18:29 - 00001535 _____ C:\Users\[Vorname Nachname]\AppData\Local\recently-used.xbel
2013-10-05 21:01 - 2013-03-06 12:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 18:40 - 2013-05-04 10:42 - 00007680 _____ C:\Users\[Vorname Nachname]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-05 13:55 - 2013-10-05 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 02:38 - 2013-09-12 16:29 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2013-09-12 16:29 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 10:41 - 2013-10-01 09:49 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\Kabarett
2013-10-01 10:28 - 2013-10-01 10:28 - 00000000 ____D C:\Users\[Vorname Nachname]\Documents\aus dem Fernsehen
2013-10-01 09:51 - 2013-10-01 09:51 - 78769095 _____ C:\Users\[Vorname Nachname]\Documents\Gespräch.mp4
2013-10-01 09:34 - 2013-07-08 09:34 - 00000000 ____D C:\Users\[Vorname Nachname]\dwhelper

Some content of TEMP:
====================
C:\Users\[Vorname Nachname]\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\Quarantine.exe
C:\Users\[Vorname Nachname]\AppData\Local\Temp\ResetDevice.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-19 11:54

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

schrauber · 28.10.2013, 10:39

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

pferdedings · 28.10.2013, 11:47

Jap, alles bestens. Danke auch für die Tipps.

schrauber · 28.10.2013, 18:45

Gern Geschehen

28.10.2013, 18:45	#12
schrauber /// the machine /// TB-Ausbilder	Snap.do vollständig löschen, auch aus Systemsteuerung... Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Snap.do vollständig löschen, auch aus Systemsteuerung...

Plagegeister aller Art und deren Bekämpfung: Snap.do vollständig löschen, auch aus Systemsteuerung...