Ärger mit "websearches und mediaplayerplus" Trojanern-/Vierenprogrammen

Fränky76 · 27.05.2014, 17:01

Hallo,

ich benötige bitte dringend fachliche Hilfe bei meinem Problem(en). Ich habe mir, wie auch immer!?, meinen Laptop verseucht und komme damit nicht alleine klar. Eine Augenscheinliche Suchmaschine namens "Websearches" hat sich bei mit eingenistet und sorgt für fehlverlinkungen, veränderte Parameter im Browser, Werbung und so weiter...

Weiter habe ich ein Problem mit scheinbar willkürlichen Verlinkungen auf Webseiten, die durch einen kleinen grünen Pfeil gekennzeichnet sind und auf diverse Seiten füren...

Ich hoffe ihr könnt mir helfen, meinen Rechner wieder clean zu bekommen, ohne ihn komplett neu aufsetzten zu müssen.

Ich nutze Windows 7 Prof. und Mozilla Firefox...

Danke....

Frank

schrauber · 27.05.2014, 17:24

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Fränky76 · 27.05.2014, 17:56

FRST-Editor

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by korinth (administrator) on KORINTH-PC on 27-05-2014 18:39:33
Running from C:\Users\korinth\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(OptionNV) C:\Windows\System32\Gtdetectsc.exe
(OptionNV) C:\Windows\System32\GtFlashSwitch.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe
(NSCE) C:\Program Files\sony\WWAN\WWAN_reminder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\OPT Drive Power Saving.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VUAgent.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Wajamu) C:\Program Files\V-bates\guardsvc.exe
(Wajamu) C:\Program Files\V-bates\notifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4399104 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1822720 2007-03-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AML] => C:\Program Files\Sony\VAIO AV Mode Launcher\AML.exe [1241088 2007-04-11] (Sony)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [321656 2007-04-02] (Sony Corporation)
HKLM\...\Run: [WWAN_reminder] => C:\Program Files\Sony\WWAN\WWAN_reminder.exe [36864 2007-04-19] (NSCE)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [fst_de_7] => [X]
HKLM\...\Run: [V-bates] => C:\Program Files\V-bates\notifier.exe [375584 2014-04-07] (Wajamu)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 110 series.lnk -> C:\Program Files\HP\HP ENVY 110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399729840&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS&q={searchTerms}
SearchScopes: HKLM - {F9872F96-C881-4FA4-827B-A50BC1CFE4E6} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - {C0BE6A3E-C4A2-45A5-9C83-70F5B8D5DE45} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default
FF Homepage: hxxp://istart.webssearches.com/?type=hppp&ts=1401208115&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF user.js: detected! => C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-18]
FF Extension: Quick Start - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\quick_start@gmail.com [2014-05-22]
FF Extension: Yahoo! Toolbar - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-02-23]
FF Extension: Foxtab Speed Dial - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2014-05-11]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012-11-24]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\extensions\quick_start@gmail.com [2014-05-22]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-05-27]

========================== Services (Whitelisted) =================

R2 gtdetectsc; C:\Windows\system32\gtdetectsc.exe [123208 2007-04-24] (OptionNV)
R2 GtFlashSwitch; C:\Windows\system32\GtFlashSwitch.exe [123208 2007-04-24] (OptionNV)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 Mext Guard; C:\Program Files\V-bates\guardsvc.exe [129312 2014-04-07] (Wajamu)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [200704 2007-05-15] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [210208 2014-04-07] ()
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-04-04] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-27] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation)
S2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation)
S2 Update KingBrowse; "C:\Program Files\KingBrowse\updateKingBrowse.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-04-24] (Option N.V.)
S3 GTSCSER; C:\Windows\System32\DRIVERS\gtscser.sys [20992 2007-04-24] (Option N.V.)
S3 GTUQBUS; C:\Windows\System32\DRIVERS\gtuqbus.sys [36992 2007-04-24] (Option N.V.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [14720 2007-03-19] (Sony Corporation)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920 2014-05-09] (StdLib)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 18:39 - 2014-05-27 18:40 - 00019958 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:39 - 2014-05-27 18:39 - 00000000 ____D () C:\FRST
2014-05-27 18:16 - 2014-05-27 18:16 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-27 18:15 - 2014-05-27 18:15 - 00000352 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-05-27 18:15 - 2014-05-27 18:15 - 00000000 ____D () C:\Users\korinth\AppData\Local\30128
2014-05-27 18:12 - 2014-05-27 18:13 - 04941600 _____ () C:\Users\korinth\Downloads\installer_microsoft_powertoys_image_resizer_1_0_Deutsch.exe
2014-05-26 13:46 - 2014-05-26 13:52 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-23 10:00 - 2014-05-26 13:50 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014 2
2014-05-23 09:58 - 2014-05-23 09:59 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-20 19:39 - 2014-05-22 20:23 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 15:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 15:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 15:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 11:51 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 11:51 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 11:50 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:50 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:50 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:48 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-11 20:42 - 2014-05-11 20:42 - 00000000 ____D () C:\Program Files\predm
2014-05-11 11:09 - 2014-05-11 20:38 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 20:38 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 10:22 - 2014-05-11 20:34 - 00001095 _____ () C:\Users\korinth\Desktop\Continue VuuPC Installation.lnk
2014-05-11 00:52 - 2014-05-09 17:03 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
2014-05-11 00:06 - 2014-05-27 18:06 - 00000296 _____ () C:\Windows\Tasks\FoxTab.job
2014-05-11 00:06 - 2014-05-18 20:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-11 00:06 - 2014-05-11 00:06 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\FoxTab
2014-05-11 00:06 - 2014-05-11 00:06 - 00000000 ____D () C:\Program Files\Foxtab
2014-05-10 23:43 - 2014-05-10 23:43 - 00000000 ____D () C:\ProgramData\2308189059
2014-05-10 23:25 - 2014-05-12 00:45 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-05-10 23:25 - 2014-05-11 09:31 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-05-10 23:25 - 2014-05-11 09:26 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-05-10 23:24 - 2014-05-10 23:24 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-05-10 23:22 - 2014-05-27 18:16 - 00000000 ____D () C:\Program Files\V-bates
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 23:16 - 2014-05-10 23:44 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\Systweak
2014-05-10 23:16 - 2014-04-25 14:49 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2014-05-10 16:37 - 2014-05-08 16:51 - 01727856 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\AnyProtectScannerSetup.exe
2014-05-10 15:59 - 2014-05-11 20:44 - 00000000 ____D () C:\ProgramData\WPM
2014-05-10 15:59 - 2014-05-10 16:00 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-10 15:59 - 2014-05-10 16:00 - 00000000 ____D () C:\Program Files\SupTab
2014-05-10 15:59 - 2014-05-10 15:59 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\SupTab
2014-05-10 15:58 - 2014-05-27 17:08 - 00001532 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-10 15:56 - 2014-05-27 17:08 - 00001418 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-10 15:55 - 2014-05-11 00:45 - 00000318 _____ () C:\Users\korinth\AppData\Roaming\aps.uninstall.scan.results
2014-05-10 15:54 - 2014-05-27 17:08 - 00001446 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:52 - 2014-05-27 17:08 - 00002166 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\korinth\Documents\Optimizer Pro
2014-05-10 15:51 - 2014-05-27 17:08 - 00003446 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-10 15:51 - 2014-05-10 15:58 - 00000000 ____D () C:\Program Files\MediaPlayerplus
2014-05-10 15:50 - 2014-05-27 17:08 - 00003438 _____ () C:\Windows\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-10 15:50 - 2014-05-10 23:43 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-05-10 15:49 - 2014-05-11 20:43 - 00000000 ____D () C:\Users\korinth\AppData\Local\Genesis
2014-05-10 15:49 - 2014-05-11 20:40 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-10 15:49 - 2014-05-10 15:50 - 00000000 ____D () C:\Program Files\Freeven pro
2014-05-10 15:47 - 2014-05-10 15:47 - 00000000 ____D () C:\Users\korinth\AppData\Local\SearchProtect
2014-05-10 15:47 - 2014-05-10 15:47 - 00000000 _____ () C:\END
2014-05-10 15:44 - 2014-05-10 15:44 - 00494512 _____ () C:\Users\korinth\Downloads\Player_Setup.exe
2014-05-10 00:39 - 2014-05-27 18:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 09:51 - 2014-05-18 19:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-04 20:03 - 2014-05-04 20:09 - 00000000 ____D () C:\Users\korinth\Desktop\Scharbeutz
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:53 - 2014-05-04 09:54 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:26 - 2014-05-04 09:33 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:20 - 2014-05-04 09:22 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:16 - 2014-05-04 09:18 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe

==================== One Month Modified Files and Folders =======

2014-05-27 18:40 - 2014-05-27 18:39 - 00019958 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:39 - 2014-05-27 18:39 - 00000000 ____D () C:\FRST
2014-05-27 18:39 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:39 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:30 - 2013-03-30 18:41 - 00077312 ___SH () C:\Users\korinth\Desktop\Thumbs.db
2014-05-27 18:22 - 2012-02-12 18:14 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 18:20 - 2014-05-10 00:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-27 18:17 - 2012-04-08 12:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 18:16 - 2014-05-27 18:16 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-27 18:16 - 2014-05-10 23:22 - 00000000 ____D () C:\Program Files\V-bates
2014-05-27 18:15 - 2014-05-27 18:15 - 00000352 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-05-27 18:15 - 2014-05-27 18:15 - 00000000 ____D () C:\Users\korinth\AppData\Local\30128
2014-05-27 18:13 - 2014-05-27 18:12 - 04941600 _____ () C:\Users\korinth\Downloads\installer_microsoft_powertoys_image_resizer_1_0_Deutsch.exe
2014-05-27 18:06 - 2014-05-11 00:06 - 00000296 _____ () C:\Windows\Tasks\FoxTab.job
2014-05-27 17:26 - 2012-02-11 17:04 - 01769737 ____N () C:\Windows\WindowsUpdate.log
2014-05-27 17:08 - 2014-05-10 15:58 - 00001532 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-27 17:08 - 2014-05-10 15:56 - 00001418 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-27 17:08 - 2014-05-10 15:54 - 00001446 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-27 17:08 - 2014-05-10 15:52 - 00002166 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-27 17:08 - 2014-05-10 15:51 - 00003446 _____ () C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-27 17:08 - 2014-05-10 15:50 - 00003438 _____ () C:\Windows\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-27 17:08 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-26 16:17 - 2014-03-10 20:50 - 00000000 ____D () C:\Users\korinth\Desktop\Honda Prelude
2014-05-26 13:52 - 2014-05-26 13:46 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-26 13:50 - 2014-05-23 10:00 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014 2
2014-05-26 13:02 - 2012-02-22 19:07 - 00000000 ____D () C:\Update
2014-05-23 09:59 - 2014-05-23 09:58 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 20:23 - 2014-05-20 19:39 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-22 18:25 - 2007-04-27 09:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 18:24 - 2007-04-26 12:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-22 18:24 - 2007-04-26 11:01 - 00000000 ____D () C:\Program Files\sony
2014-05-19 20:22 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-19 03:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-19 03:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-18 21:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-18 20:06 - 2014-05-11 00:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-18 19:38 - 2014-05-07 09:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 19:36 - 2013-07-21 16:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:30 - 2012-02-12 18:44 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-18 19:29 - 2007-04-27 09:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 16:07 - 2014-03-01 08:05 - 00000000 ____D () C:\Users\korinth\Fränki
2014-05-15 13:17 - 2012-04-08 12:27 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 13:17 - 2012-02-11 18:12 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 00:45 - 2014-05-10 23:25 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-05-11 20:44 - 2014-05-10 15:59 - 00000000 ____D () C:\ProgramData\WPM
2014-05-11 20:43 - 2014-05-10 15:49 - 00000000 ____D () C:\Users\korinth\AppData\Local\Genesis
2014-05-11 20:42 - 2014-05-11 20:42 - 00000000 ____D () C:\Program Files\predm
2014-05-11 20:40 - 2014-05-10 15:49 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-11 20:38 - 2014-05-11 11:09 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 20:38 - 2014-05-11 11:09 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 20:38 - 2012-02-11 17:23 - 00001409 _____ () C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-11 20:34 - 2014-05-11 10:22 - 00001095 _____ () C:\Users\korinth\Desktop\Continue VuuPC Installation.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 10:54 - 2012-02-11 16:14 - 00000000 ____D () C:\Windows\Panther
2014-05-11 09:38 - 2012-11-24 19:09 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\HpUpdate
2014-05-11 09:31 - 2014-05-10 23:25 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-05-11 09:26 - 2014-05-10 23:25 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-05-11 00:45 - 2014-05-10 15:55 - 00000318 _____ () C:\Users\korinth\AppData\Roaming\aps.uninstall.scan.results
2014-05-11 00:06 - 2014-05-11 00:06 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\FoxTab
2014-05-11 00:06 - 2014-05-11 00:06 - 00000000 ____D () C:\Program Files\Foxtab
2014-05-11 00:00 - 2013-07-17 14:50 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-11 00:00 - 2013-07-17 14:49 - 00000000 ____D () C:\Program Files\epson
2014-05-10 23:51 - 2012-02-23 11:36 - 00000000 ____D () C:\Program Files\Common Files\Lexware
2014-05-10 23:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-10 23:44 - 2014-05-10 23:16 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\Systweak
2014-05-10 23:43 - 2014-05-10 23:43 - 00000000 ____D () C:\ProgramData\2308189059
2014-05-10 23:43 - 2014-05-10 15:50 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-05-10 23:36 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-05-10 23:35 - 2013-07-17 14:53 - 00000000 ____D () C:\Program Files\Epson Software
2014-05-10 23:34 - 2013-07-17 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2014-05-10 23:32 - 2013-07-17 14:46 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-10 23:24 - 2014-05-10 23:24 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 16:00 - 2014-05-10 15:59 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-10 16:00 - 2014-05-10 15:59 - 00000000 ____D () C:\Program Files\SupTab
2014-05-10 15:59 - 2014-05-10 15:59 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\SupTab
2014-05-10 15:58 - 2014-05-10 15:51 - 00000000 ____D () C:\Program Files\MediaPlayerplus
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\korinth\Documents\Optimizer Pro
2014-05-10 15:50 - 2014-05-10 15:49 - 00000000 ____D () C:\Program Files\Freeven pro
2014-05-10 15:49 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-10 15:47 - 2014-05-10 15:47 - 00000000 ____D () C:\Users\korinth\AppData\Local\SearchProtect
2014-05-10 15:47 - 2014-05-10 15:47 - 00000000 _____ () C:\END
2014-05-10 15:44 - 2014-05-10 15:44 - 00494512 _____ () C:\Users\korinth\Downloads\Player_Setup.exe
2014-05-09 17:03 - 2014-05-11 00:52 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
2014-05-09 09:06 - 2014-05-15 11:51 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-15 11:51 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 16:51 - 2014-05-10 16:37 - 01727856 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\AnyProtectScannerSetup.exe
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-06 05:25 - 2014-05-16 15:15 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-16 15:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-16 15:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-04 20:09 - 2014-05-04 20:03 - 00000000 ____D () C:\Users\korinth\Desktop\Scharbeutz
2014-05-04 19:57 - 2012-02-11 17:18 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:54 - 2014-05-04 09:53 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:33 - 2014-05-04 09:26 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:33 - 2012-11-24 19:07 - 00000000 ____D () C:\Users\korinth\AppData\Local\HP
2014-05-04 09:27 - 2012-11-24 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-04 09:27 - 2012-11-24 19:07 - 00000000 ____D () C:\Program Files\HP
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:22 - 2014-05-04 09:20 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:18 - 2014-05-04 09:16 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe
2014-05-04 08:57 - 2012-11-24 19:08 - 00000000 ____D () C:\ProgramData\HP

Some content of TEMP:
====================
C:\Users\korinth\AppData\Local\Temp\instloffer.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-15 11:50] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 00:12

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2014 02
Ran by korinth at 2014-05-27 18:41:30
Running from C:\Users\korinth\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 8 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A80000000002}) (Version: 8.0.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battery Care Function (HKLM\...\{3A23120C-CD83-4CE6-B451-C5C998052522}) (Version: 1.2.00.02130 - Sony Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Foxtab (HKLM\...\foxtab) (Version:  - FoxTab) <==== ATTENTION
Freeven pro (HKLM\...\Freeven pro) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
Hammer Process (HKLM\...\{AF37C116-302B-4DF5-A62F-54CE95EC4982}) (Version: 1.0.0 - Sony NSCE)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
HP Deskjet 2510 series - Grundlegende Software für das Gerät (HKLM\...\{A3B40F90-312F-497B-A631-D0C7D37D7C59}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Hilfe (HKLM\...\{07B48D2C-E60D-41E6-B546-11D128F633EC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP ENVY 110 series - Grundlegende Software für das Gerät (HKLM\...\{562B89CE-2FF3-4573-B67C-67EB8CF8063D}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP ENVY 110 series Hilfe (HKLM\...\{D4444B31-E9E9-4389-B35D-41B5BCA5E9FB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.10572 - HP Photo Creations)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
Instant Mode (HKLM\...\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}) (Version: 1.0.0 - InterVideo)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MediaPlayerplus (HKLM\...\MediaPlayerplus) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Offline Page DE (HKLM\...\{75C7F7F1-2347-4F4F-B125-F80AA3491C2A}) (Version: 1.0.0 - Sony NSCE)
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Peripheral Device & Storage Media Restriction Setting Utility (HKLM\...\{3F07C18C-6FD4-4746-A282-30D70571867C}) (Version: 1.2.00.02130 - Sony Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.16060 - Sony Corporation)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Software Version Updater (HKLM\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.15150 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Studie zur Verbesserung von HP Deskjet 2510 series Produkten (HKLM\...\{CDE2DEBC-B8AD-41A2-AE45-A8CE9A41EF8F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Studie zur Verbesserung von HP ENVY 110 series Produkten (HKLM\...\{C09E526E-586C-4AD1-B2C0-A632CAA59C25}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO AV Mode Launcher (HKLM\...\{428A6DA3-FD56-44AE-B602-15DCCD6A7515}) (Version: 1.1.00.04110 - Sony Corporation)
VAIO Camera Capture Utility (HKLM\...\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}) (Version: 2.3.00.15160 - Sony Corporation)
VAIO Camera Utility (HKLM\...\{1417F599-1DBD-4499-9375-B2813E9F890C}) (Version: 2.0.01.02070 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.16030 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version:  - )
VAIO HDD Protection (HKLM\...\{C518C7BF-A345-4019-815B-FFDF32EBCAD9}) (Version: 2.1.00.15140 - Sony Corporation)
VAIO Long Battery Life Wallpaper (HKLM\...\{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}) (Version: 1.0.02.13240 - Sony Corporation)
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version:  - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version:  - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version:  - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version:  - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.15260 - Sony Corporation)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 1.0.00.05180 - Sony Corporation)
VAIO Status Monitor (HKLM\...\{6970AAC9-A97B-4F89-A887-2F0636791E10}) (Version: 1.2.00.04020 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO Video & Photo  Suite (Version: 1.1.00.13301 - Sony Corporation) Hidden
VAIO Video & Photo Suite (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.1.00.13301 - Sony Corporation)
V-bates 2.0.0.440 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.440 - Wajamu) <==== ATTENTION
VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden

==================== Restore Points  =========================

15-05-2014 09:51:52 Windows Update
16-05-2014 13:10:11 Windows Update
19-05-2014 01:00:15 Windows Update
22-05-2014 16:22:00 Entfernt VAIO Update
22-05-2014 16:23:49 Installiert VAIO Update
22-05-2014 16:36:19 Windows Update
26-05-2014 11:09:51 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1418310E-71A4-43F2-8DAD-12588EEB2844} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-11-24] ()
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {186F064B-1D59-47B1-8EBD-544660C4049C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {1F0F298F-26F9-4944-9CCB-27A26AA7A0A1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {310B8965-1F3C-4019-8A14-F0EAF63C68DA} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4 => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {370046FB-5233-4992-B2DC-F64A8B286C3F} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3 => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {3DE6412D-997D-426D-8D53-1414B73A726C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {4BB46668-3F6B-409D-8DB3-94333546E251} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {4F3CD0B5-831C-48DD-A6E4-32CA897A4449} - System32\Tasks\LaunchMCV => MyClubVaio.vbs
Task: {547A0898-47E8-4712-B673-B45F3D1BF9ED} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe
Task: {54DAED50-C4DF-4D2A-92EF-2B5A6F0FDC57} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {6CBD1E6A-8444-439F-B9DE-4C17527A5D0C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6E22580E-A4F5-407B-BBD4-2115ED40A722} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {6F7C5371-EA4D-4E44-92B1-B5769081310A} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5 => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {72BE8CDF-81F5-452A-B5B8-19A5C63290C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {741F39C8-26DE-4359-BC47-1AFC91E8A0B3} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {7E5EDBAD-077B-4639-8F47-9CA39ABB369A} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {84905245-1004-4685-B196-740034DF369D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {A65911CB-8B64-4BEA-BBF9-52729F06F2BD} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AF416D7E-E2F5-44C8-BA17-618299824423} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B01C0435-C88A-4A18-ABA4-B6880D951762} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {B435FD59-037D-4ABF-AACE-C854F076EC57} - System32\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E} => C:\Program Files\V-bates\PrefHelper.exe [2014-04-07] ()
Task: {BAE0434C-909A-4CF8-AAD2-7348E53D4536} - System32\Tasks\HPCustParticipation HP ENVY 110 series => C:\Program Files\HP\HP ENVY 110 series\Bin\HPCustPartic.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {C114A667-7CB1-45A0-9705-E9DBC5515CFD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C176EC33-1BA2-4FC7-BC4E-65DE4D84167B} - System32\Tasks\FoxTab => C:\Users\korinth\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {C33AC99D-9321-460B-AC47-3AF42603829A} - System32\Tasks\AmiUpdXp => C:\Users\korinth\AppData\Local\30128\a27808.exe [2014-05-27] () <==== ATTENTION
Task: {D13C337C-2635-474D-9597-4AE3E9AD7A98} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1 => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {D3CE422F-B6F5-4169-ACB8-A403E0775B77} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {E2120D74-5F91-4D32-8B1F-238081514169} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3 => C:\Program Files\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {EE309D8C-3335-4AEC-BA82-108509ABDD21} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2 => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe [2014-05-10] (Freeven) <==== ATTENTION
Task: {EE4CBB55-1231-48AF-A22A-F2D6EBA00E6B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {F1169ADB-912E-42B8-ADF9-168A086FDA56} - System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => C:\Program Files\V-bates\startsc.bat [2014-03-24] ()
Task: {FB642A39-5899-4768-ABAB-CC269F4B01E9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {FC547D7A-E7E4-4B29-A91E-E15FB5048B63} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: C:\Windows\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job => C:\Program Files\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job => C:\Program Files\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\korinth\AppData\Local\30128\a27808.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\korinth\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2014-05-27 18:16 - 2014-04-07 15:38 - 00552224 _____ () C:\Program Files\V-bates\libinject.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-04-27 09:25 - 2007-04-04 08:33 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2007-04-27 09:25 - 2007-04-04 08:33 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2007-04-19 11:41 - 2007-04-19 11:41 - 00007168 _____ () C:\Program Files\sony\WWAN\Win32Interop.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2014-05-27 18:16 - 2014-04-07 15:38 - 00210208 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2014-05-11 11:09 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-15 13:17 - 2014-05-15 13:17 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken Jubiläumsversion Zahlungserinnerung.lnk => C:\Windows\pss\Quicken Jubiläumsversion Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^korinth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: HP ENVY 110 series (NET) => "C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BMC20X205QS:NW" -scfn "HP ENVY 110 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VAIOCameraUtility => "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2014 06:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 29.0.1.5239, Zeitstempel: 0x536995c2
Name des fehlerhaften Moduls: mozalloc.dll, Version: 29.0.1.5239, Zeitstempel: 0x536968fa
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000119c
ID des fehlerhaften Prozesses: 0x394
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (05/27/2014 05:09:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NSUService.exe, Version: 1.0.0.5150, Zeitstempel: 0x46494799
Name des fehlerhaften Moduls: PluginRas.plugin, Version: 1.0.0.1, Zeitstempel: 0x4649476d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00005fd7
ID des fehlerhaften Prozesses: 0x490
Startzeit der fehlerhaften Anwendung: 0xNSUService.exe0
Pfad der fehlerhaften Anwendung: NSUService.exe1
Pfad des fehlerhaften Moduls: NSUService.exe2
Berichtskennung: NSUService.exe3

Error: (05/27/2014 07:29:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NSUService.exe, Version: 1.0.0.5150, Zeitstempel: 0x46494799
Name des fehlerhaften Moduls: PluginRas.plugin, Version: 1.0.0.1, Zeitstempel: 0x4649476d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00005fd7
ID des fehlerhaften Prozesses: 0x510
Startzeit der fehlerhaften Anwendung: 0xNSUService.exe0
Pfad der fehlerhaften Anwendung: NSUService.exe1
Pfad des fehlerhaften Moduls: NSUService.exe2
Berichtskennung: NSUService.exe3

Error: (05/27/2014 06:59:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 34328566

Error: (05/27/2014 06:59:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 34328566

Error: (05/27/2014 06:59:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/26/2014 04:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AppleIEDAV.exe, Version: 1.2.12.0, Zeitstempel: 0x52867716
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d94
ID des fehlerhaften Prozesses: 0xb94
Startzeit der fehlerhaften Anwendung: 0xAppleIEDAV.exe0
Pfad der fehlerhaften Anwendung: AppleIEDAV.exe1
Pfad des fehlerhaften Moduls: AppleIEDAV.exe2
Berichtskennung: AppleIEDAV.exe3

Error: (05/26/2014 04:58:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/26/2014 01:11:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(40:a6:d9:14:9a:eb@fe80::42a6:d9ff:fe14:9aeb._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/26/2014 00:59:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NSUService.exe, Version: 1.0.0.5150, Zeitstempel: 0x46494799
Name des fehlerhaften Moduls: PluginRas.plugin, Version: 1.0.0.1, Zeitstempel: 0x4649476d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00005fd7
ID des fehlerhaften Prozesses: 0x720
Startzeit der fehlerhaften Anwendung: 0xNSUService.exe0
Pfad der fehlerhaften Anwendung: NSUService.exe1
Pfad des fehlerhaften Moduls: NSUService.exe2
Berichtskennung: NSUService.exe3


System errors:
=============
Error: (05/27/2014 06:28:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update KingBrowse" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/27/2014 06:28:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update KingBrowse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/27/2014 05:09:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NSUService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/27/2014 05:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VAIO Entertainment File Import Service" ist vom Dienst "VAIO Entertainment Database Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1075

Error: (05/27/2014 05:08:33 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "VAIO Entertainment Database Service" ist von folgendem Dienst abhängig: MSSQL$VAIO_VEDB. Dieser Dienst ist eventuell nicht installiert.

Error: (05/27/2014 07:29:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NSUService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/27/2014 07:28:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VAIO Entertainment File Import Service" ist vom Dienst "VAIO Entertainment Database Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1075

Error: (05/27/2014 07:28:31 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "VAIO Entertainment Database Service" ist von folgendem Dienst abhängig: MSSQL$VAIO_VEDB. Dieser Dienst ist eventuell nicht installiert.

Error: (05/26/2014 00:59:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NSUService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/26/2014 00:58:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VAIO Entertainment File Import Service" ist vom Dienst "VAIO Entertainment Database Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1075


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-02-11 13:09:08.910
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 13:09:08.708
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 13:09:08.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 13:09:08.396
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 13:09:08.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 12:06:39.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 12:06:39.115
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 12:06:38.928
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 12:06:38.725
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-02-11 12:06:38.569
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Microsoft Security Client\Antimalware\Drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 2038.05 MB
Available physical RAM: 857.93 MB
Total Pagefile: 4076.11 MB
Available Pagefile: 2630.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:85.71 GB) (Free:16.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93 GB) (Disk ID: B6DCB7EA)
Partition 1: (Not Active) - (Size=7 GB) - (Type=27)
Partition 2: (Active) - (Size=86 GB) - (Type=07 NTFS)

==================== End Of Log ============================

So, dass habe ich jetzt soweit gemacht. Ich hoffe das es so richtig ist...

Tut mir leid, druch diese massiven eingriffe, Fehleitungen etc, hat es etwas gedauert...aber schon mal vielen Dank, dass du mir hilfst!

schrauber · 28.05.2014, 12:00

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Fränky76 · 28.05.2014, 17:22

Okay, hier der Inhalt der mbam.txt Datei:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 28.05.2014
Suchlauf-Zeit: 16:54:39
Logdatei: Malwarebytes Protokoll.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.28.05
Rootkit Datenbank: v2014.05.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: korinth

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 252478
Verstrichene Zeit: 18 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

...und hier jetzt der Inhalt der AdwCleaner.txt Datei:

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 28/05/2014 um 17:38:18
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : korinth - KORINTH-PC
# Gestartet von : C:\Users\korinth\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Registry Helper
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Program Files\predm
Ordner Gelöscht : C:\Program Files\V-bates
Ordner Gelöscht : C:\Users\korinth\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\korinth\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\korinth\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\korinth\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\korinth\AppData\Roaming\ZoomBrowser EX
Ordner Gelöscht : C:\Users\korinth\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
Datei Gelöscht : C:\Users\korinth\AppData\Local\AnyProtectScannerSetup.exe
Datei Gelöscht : C:\Users\korinth\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\korinth\Desktop\Continue VuuPC Installation.lnk
Datei Gelöscht : C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\user.js
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP1.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP1
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP2.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP2
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP3.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP3
Datei Gelöscht : C:\Windows\Tasks\FoxTab.job
Datei Gelöscht : C:\Windows\System32\Tasks\FoxTab

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E5EDBAD-077B-4639-8F47-9CA39ABB369A}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E5EDBAD-077B-4639-8F47-9CA39ABB369A}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A65911CB-8B64-4BEA-BBF9-52729F06F2BD}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65911CB-8B64-4BEA-BBF9-52729F06F2BD}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54DAED50-C4DF-4D2A-92EF-2B5A6F0FDC57}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54DAED50-C4DF-4D2A-92EF-2B5A6F0FDC57}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C176EC33-1BA2-4FC7-BC4E-65DE4D84167B}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C176EC33-1BA2-4FC7-BC4E-65DE4D84167B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DC264A72-FA75-4948-B881-EA8EFF8E5DD2}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Registry Helper
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\Software\Wpm

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "webssearches");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "webssearches");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hppp&ts=1401208115&from=tugs&uid=TOSHIBAXMK1011GAH_87D4S3EOSXX87D4S3EOS");
Zeile gelöscht : user_pref("extensions.aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246.54246.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "145e801c18b8184ed86f4655c4f5242d");
Zeile gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_istart.webssearches.com", "not set");
Zeile gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_whiteListSearch", "{\"isearch.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"se[...]

*************************

AdwCleaner[R0].txt - [7330 octets] - [28/05/2014 17:36:11]
AdwCleaner[S0].txt - [7043 octets] - [28/05/2014 17:38:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7103 octets] ##########

Und der Inhalt der JRT.txt Datei:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by korinth on 28.05.2014 at 18:04:18,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\korinth\AppData\Roaming\mozilla\firefox\profiles\1oxvq7w9.default\minidumps [31 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.05.2014 at 18:10:45,31
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

...zuseltzt das FRST Log. Ich habe dann ersteinmal alles soweit nach einander abgearbeitet

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by korinth (administrator) on KORINTH-PC on 28-05-2014 18:17:06
Running from C:\Users\korinth\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(OptionNV) C:\Windows\System32\Gtdetectsc.exe
(OptionNV) C:\Windows\System32\GtFlashSwitch.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe
(NSCE) C:\Program Files\sony\WWAN\WWAN_reminder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\OPT Drive Power Saving.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VAIOUpdt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4399104 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [AML] => C:\Program Files\Sony\VAIO AV Mode Launcher\AML.exe [1241088 2007-04-11] (Sony)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [321656 2007-04-02] (Sony Corporation)
HKLM\...\Run: [WWAN_reminder] => C:\Program Files\Sony\WWAN\WWAN_reminder.exe [36864 2007-04-19] (NSCE)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 110 series.lnk -> C:\Program Files\HP\HP ENVY 110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F9872F96-C881-4FA4-827B-A50BC1CFE4E6} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - {C0BE6A3E-C4A2-45A5-9C83-70F5B8D5DE45} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012-11-24]

========================== Services (Whitelisted) =================

R2 gtdetectsc; C:\Windows\system32\gtdetectsc.exe [123208 2007-04-24] (OptionNV)
R2 GtFlashSwitch; C:\Windows\system32\GtFlashSwitch.exe [123208 2007-04-24] (OptionNV)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [200704 2007-05-15] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-04-04] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-27] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation)
S2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-04-24] (Option N.V.)
S3 GTSCSER; C:\Windows\System32\DRIVERS\gtscser.sys [20992 2007-04-24] (Option N.V.)
S3 GTUQBUS; C:\Windows\System32\DRIVERS\gtuqbus.sys [36992 2007-04-24] (Option N.V.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [14720 2007-03-19] (Sony Corporation)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 18:15 - 2014-05-28 18:15 - 00013292 _____ () C:\Users\korinth\Desktop\FRST - Verknüpfung.lnk
2014-05-28 18:10 - 2014-05-28 18:10 - 00000784 _____ () C:\Users\korinth\Desktop\JRT.txt
2014-05-28 17:55 - 2014-05-28 17:55 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 17:53 - 2014-05-28 17:53 - 01016261 _____ (Thisisu) C:\Users\korinth\Downloads\JRT.exe
2014-05-28 17:35 - 2014-05-28 17:44 - 00000000 ____D () C:\AdwCleaner
2014-05-28 17:34 - 2014-05-28 17:34 - 01327971 _____ () C:\Users\korinth\Downloads\adwcleaner_3.211.exe
2014-05-28 17:19 - 2014-05-28 17:19 - 00001159 _____ () C:\Users\korinth\Desktop\mbam.txt
2014-05-28 17:18 - 2014-05-28 17:18 - 00001177 _____ () C:\Users\korinth\Desktop\Malwarebytes Protokoll.txt
2014-05-28 16:52 - 2014-05-28 18:03 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 16:52 - 2014-05-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:52 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 16:51 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 16:51 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 16:51 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 16:50 - 2014-05-28 16:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\korinth\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 16:05 - 2014-05-28 16:05 - 00001222 _____ () C:\Users\korinth\Desktop\Revo Uninstaller.lnk
2014-05-28 16:05 - 2014-05-28 16:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-28 16:04 - 2014-05-28 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\korinth\Downloads\revosetup95.exe
2014-05-28 15:54 - 2014-05-28 17:58 - 00010284 _____ () C:\Windows\setupact.log
2014-05-28 15:54 - 2014-05-28 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-28 15:53 - 2014-05-28 17:40 - 00090682 _____ () C:\Windows\PFRO.log
2014-05-27 18:41 - 2014-05-27 18:44 - 00040463 _____ () C:\Users\korinth\Downloads\Addition.txt
2014-05-27 18:39 - 2014-05-28 18:17 - 00016176 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-27 18:39 - 2014-05-28 18:17 - 00000000 ____D () C:\FRST
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:16 - 2014-05-28 18:16 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-26 13:46 - 2014-05-26 13:52 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-23 10:00 - 2014-05-26 13:50 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014 2
2014-05-23 09:58 - 2014-05-23 09:59 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-20 19:39 - 2014-05-22 20:23 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 15:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 15:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 15:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 11:51 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 11:51 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 11:50 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:50 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:50 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:48 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-11 11:09 - 2014-05-11 20:38 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 20:38 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 00:06 - 2014-05-18 20:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:49 - 2014-05-11 20:40 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-10 00:39 - 2014-05-27 18:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 09:51 - 2014-05-18 19:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-04 20:03 - 2014-05-04 20:09 - 00000000 ____D () C:\Users\korinth\Desktop\Scharbeutz
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:53 - 2014-05-04 09:54 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:26 - 2014-05-04 09:33 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:20 - 2014-05-04 09:22 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:16 - 2014-05-04 09:18 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe

==================== One Month Modified Files and Folders =======

2014-05-28 18:17 - 2014-05-27 18:39 - 00016176 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-28 18:17 - 2014-05-27 18:39 - 00000000 ____D () C:\FRST
2014-05-28 18:17 - 2012-04-08 12:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 18:16 - 2014-05-27 18:16 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-28 18:15 - 2014-05-28 18:15 - 00013292 _____ () C:\Users\korinth\Desktop\FRST - Verknüpfung.lnk
2014-05-28 18:10 - 2014-05-28 18:10 - 00000784 _____ () C:\Users\korinth\Desktop\JRT.txt
2014-05-28 18:09 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 18:09 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 18:04 - 2012-02-11 17:04 - 01843471 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 18:03 - 2014-05-28 16:52 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 17:58 - 2014-05-28 15:54 - 00010284 _____ () C:\Windows\setupact.log
2014-05-28 17:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 17:55 - 2014-05-28 17:55 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 17:53 - 2014-05-28 17:53 - 01016261 _____ (Thisisu) C:\Users\korinth\Downloads\JRT.exe
2014-05-28 17:44 - 2014-05-28 17:35 - 00000000 ____D () C:\AdwCleaner
2014-05-28 17:40 - 2014-05-28 15:53 - 00090682 _____ () C:\Windows\PFRO.log
2014-05-28 17:34 - 2014-05-28 17:34 - 01327971 _____ () C:\Users\korinth\Downloads\adwcleaner_3.211.exe
2014-05-28 17:23 - 2012-02-11 16:14 - 00000000 ____D () C:\Windows\Panther
2014-05-28 17:19 - 2014-05-28 17:19 - 00001159 _____ () C:\Users\korinth\Desktop\mbam.txt
2014-05-28 17:18 - 2014-05-28 17:18 - 00001177 _____ () C:\Users\korinth\Desktop\Malwarebytes Protokoll.txt
2014-05-28 16:52 - 2014-05-28 16:52 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-28 16:52 - 2014-05-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 16:52 - 2014-05-28 16:51 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 16:51 - 2014-05-28 16:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\korinth\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 16:05 - 2014-05-28 16:05 - 00001222 _____ () C:\Users\korinth\Desktop\Revo Uninstaller.lnk
2014-05-28 16:05 - 2014-05-28 16:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-28 16:04 - 2014-05-28 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\korinth\Downloads\revosetup95.exe
2014-05-28 15:54 - 2014-05-28 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 18:44 - 2014-05-27 18:41 - 00040463 _____ () C:\Users\korinth\Downloads\Addition.txt
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:30 - 2013-03-30 18:41 - 00077312 ___SH () C:\Users\korinth\Desktop\Thumbs.db
2014-05-27 18:22 - 2012-02-12 18:14 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 18:20 - 2014-05-10 00:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-26 16:17 - 2014-03-10 20:50 - 00000000 ____D () C:\Users\korinth\Desktop\Honda Prelude
2014-05-26 13:52 - 2014-05-26 13:46 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-26 13:50 - 2014-05-23 10:00 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014 2
2014-05-26 13:02 - 2012-02-22 19:07 - 00000000 ____D () C:\Update
2014-05-23 09:59 - 2014-05-23 09:58 - 00000000 ____D () C:\Users\korinth\Desktop\Handy 23.05.2014
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 20:23 - 2014-05-20 19:39 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-22 18:25 - 2007-04-27 09:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 18:24 - 2007-04-26 12:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-22 18:24 - 2007-04-26 11:01 - 00000000 ____D () C:\Program Files\sony
2014-05-19 20:22 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-19 03:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-19 03:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-18 21:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-18 20:06 - 2014-05-11 00:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-18 19:38 - 2014-05-07 09:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 19:36 - 2013-07-21 16:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:30 - 2012-02-12 18:44 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-18 19:29 - 2007-04-27 09:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 16:07 - 2014-03-01 08:05 - 00000000 ____D () C:\Users\korinth\Fränki
2014-05-15 13:17 - 2012-04-08 12:27 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 13:17 - 2012-02-11 18:12 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-28 16:51 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 16:51 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-28 16:51 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 20:40 - 2014-05-10 15:49 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-11 20:38 - 2014-05-11 11:09 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 20:38 - 2014-05-11 11:09 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 20:38 - 2012-02-11 17:23 - 00001409 _____ () C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 09:38 - 2012-11-24 19:09 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\HpUpdate
2014-05-11 00:00 - 2013-07-17 14:50 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-11 00:00 - 2013-07-17 14:49 - 00000000 ____D () C:\Program Files\epson
2014-05-10 23:51 - 2012-02-23 11:36 - 00000000 ____D () C:\Program Files\Common Files\Lexware
2014-05-10 23:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-10 23:36 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-05-10 23:35 - 2013-07-17 14:53 - 00000000 ____D () C:\Program Files\Epson Software
2014-05-10 23:34 - 2013-07-17 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2014-05-10 23:32 - 2013-07-17 14:46 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:49 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-09 09:06 - 2014-05-15 11:51 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-15 11:51 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-06 05:25 - 2014-05-16 15:15 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-16 15:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-16 15:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-04 20:09 - 2014-05-04 20:03 - 00000000 ____D () C:\Users\korinth\Desktop\Scharbeutz
2014-05-04 19:57 - 2012-02-11 17:18 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:54 - 2014-05-04 09:53 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:33 - 2014-05-04 09:26 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:33 - 2012-11-24 19:07 - 00000000 ____D () C:\Users\korinth\AppData\Local\HP
2014-05-04 09:27 - 2012-11-24 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-04 09:27 - 2012-11-24 19:07 - 00000000 ____D () C:\Program Files\HP
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:22 - 2014-05-04 09:20 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:18 - 2014-05-04 09:16 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe
2014-05-04 08:57 - 2012-11-24 19:08 - 00000000 ____D () C:\ProgramData\HP

Some content of TEMP:
====================
C:\Users\korinth\AppData\Local\Temp\37849uninstall.exe
C:\Users\korinth\AppData\Local\Temp\instloffer.exe
C:\Users\korinth\AppData\Local\Temp\Quarantine.exe
C:\Users\korinth\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-15 11:50] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 00:12

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 29.05.2014, 16:05

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Fränky76 · 30.05.2014, 14:59

...das ESET Log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=a7f9fbb2b2473e4a8e0b7c49c32690ee
# engine=18465
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-29 08:04:51
# local_time=2014-05-29 10:04:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 4844798 95571495 0 0
# scanned=164179
# found=5
# cleaned=0
# scan_time=16110
sh=1D0A1572D7AF9A149EB45C0F86B486B9AE8FAF4B ft=1 fh=9a57284d8243f9b8 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\korinth\AppData\Local\AnyProtectScannerSetup.exe.vir"
sh=CCB0234B9EF1619EEF81E62DAAC465C2FA8C5838 ft=1 fh=bbd42bc46eaad9cd vn="Win32/RiskWare.NetFilter.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys.vir"
sh=6527D773A16878E428D8DE50D51F28FEA7AAD655 ft=1 fh=abbd31e330edcbad vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\korinth\AppData\Local\nsc7B2C.tmp"
sh=43EDD8633EE06A502DD327446CF4D8DC10285761 ft=1 fh=50b1a399676c6587 vn="Win32/Vittalia.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\korinth\AppData\Local\Temp\instloffer.exe"
sh=37381F388BAE1EDBAC14E32FF3277F224AF74188 ft=1 fh=bc860133a238d9e1 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\korinth\Fränki\Downloads\avira_free_antivirus_de.exe"

...der SecurityCheck Log:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Java 7 Update 21  
 Java(TM) SE Runtime Environment 6 
 Java version out of Date! 
 Adobe Flash Player 	13.0.0.214  
 Adobe Reader 8 Adobe Reader out of Date! 
 Mozilla Firefox (29.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

...und ein frisches FRST Log:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by korinth (administrator) on KORINTH-PC on 30-05-2014 15:50:47
Running from C:\Users\korinth\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(OptionNV) C:\Windows\System32\Gtdetectsc.exe
(OptionNV) C:\Windows\System32\GtFlashSwitch.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe
(NSCE) C:\Program Files\sony\WWAN\WWAN_reminder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\OPT Drive Power Saving.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VUAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4399104 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [AML] => C:\Program Files\Sony\VAIO AV Mode Launcher\AML.exe [1241088 2007-04-11] (Sony)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [321656 2007-04-02] (Sony Corporation)
HKLM\...\Run: [WWAN_reminder] => C:\Program Files\Sony\WWAN\WWAN_reminder.exe [36864 2007-04-19] (NSCE)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-757258568-2909039622-4210959049-1004\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 110 series.lnk -> C:\Program Files\HP\HP ENVY 110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F9872F96-C881-4FA4-827B-A50BC1CFE4E6} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - {C0BE6A3E-C4A2-45A5-9C83-70F5B8D5DE45} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\korinth\AppData\Roaming\Mozilla\Firefox\Profiles\1oxvq7w9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012-11-24]

========================== Services (Whitelisted) =================

R2 gtdetectsc; C:\Windows\system32\gtdetectsc.exe [123208 2007-04-24] (OptionNV)
R2 GtFlashSwitch; C:\Windows\system32\GtFlashSwitch.exe [123208 2007-04-24] (OptionNV)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [200704 2007-05-15] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-04-04] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-27] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation)
S2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-04-24] (Option N.V.)
S3 GTSCSER; C:\Windows\System32\DRIVERS\gtscser.sys [20992 2007-04-24] (Option N.V.)
S3 GTUQBUS; C:\Windows\System32\DRIVERS\gtuqbus.sys [36992 2007-04-24] (Option N.V.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [14720 2007-03-19] (Sony Corporation)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2007-08-03] (Sony Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-30 06:48 - 2014-05-30 06:49 - 00854367 _____ () C:\Users\korinth\Downloads\SecurityCheck.exe
2014-05-29 17:27 - 2014-05-29 17:27 - 02347384 _____ (ESET) C:\Users\korinth\Downloads\esetsmartinstaller_deu.exe
2014-05-28 18:27 - 2014-05-28 18:27 - 00001264 _____ () C:\Users\korinth\Desktop\2014 - Verknüpfung.lnk
2014-05-28 18:23 - 2014-05-28 18:24 - 00000000 ____D () C:\Users\korinth\Desktop\Trojaner-Forum
2014-05-28 17:55 - 2014-05-28 17:55 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 17:53 - 2014-05-28 17:53 - 01016261 _____ (Thisisu) C:\Users\korinth\Downloads\JRT.exe
2014-05-28 17:35 - 2014-05-28 17:44 - 00000000 ____D () C:\AdwCleaner
2014-05-28 17:34 - 2014-05-28 17:34 - 01327971 _____ () C:\Users\korinth\Downloads\adwcleaner_3.211.exe
2014-05-28 16:52 - 2014-05-30 14:18 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:52 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 16:51 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 16:51 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 16:51 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 16:50 - 2014-05-28 16:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\korinth\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 16:05 - 2014-05-28 16:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-28 16:04 - 2014-05-28 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\korinth\Downloads\revosetup95.exe
2014-05-28 15:54 - 2014-05-29 14:47 - 00012855 _____ () C:\Windows\setupact.log
2014-05-28 15:54 - 2014-05-28 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-28 15:53 - 2014-05-28 17:40 - 00090682 _____ () C:\Windows\PFRO.log
2014-05-27 18:41 - 2014-05-27 18:44 - 00040463 _____ () C:\Users\korinth\Downloads\Addition.txt
2014-05-27 18:39 - 2014-05-30 15:50 - 00015958 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-27 18:39 - 2014-05-30 15:50 - 00000000 ____D () C:\FRST
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:16 - 2014-05-30 15:46 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-26 13:46 - 2014-05-26 13:52 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-20 19:39 - 2014-05-22 20:23 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 15:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 15:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 15:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 11:51 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 11:51 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 11:50 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:50 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:50 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:50 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:50 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 11:50 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:50 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:50 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:48 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-11 11:09 - 2014-05-11 20:38 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 20:38 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 00:06 - 2014-05-18 20:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:49 - 2014-05-11 20:40 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-10 00:39 - 2014-05-27 18:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 09:51 - 2014-05-18 19:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:53 - 2014-05-04 09:54 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:26 - 2014-05-04 09:33 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:20 - 2014-05-04 09:22 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:16 - 2014-05-04 09:18 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe

==================== One Month Modified Files and Folders =======

2014-05-30 15:51 - 2014-05-27 18:39 - 00015958 _____ () C:\Users\korinth\Downloads\FRST.txt
2014-05-30 15:50 - 2014-05-27 18:39 - 00000000 ____D () C:\FRST
2014-05-30 15:46 - 2014-05-27 18:16 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {A37F0B1F-B1C5-4DC1-B8BF-D18441D4FF4E}.job
2014-05-30 15:17 - 2012-04-08 12:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-30 15:02 - 2012-02-11 17:04 - 01896644 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 14:18 - 2014-05-28 16:52 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 06:49 - 2014-05-30 06:48 - 00854367 _____ () C:\Users\korinth\Downloads\SecurityCheck.exe
2014-05-29 17:27 - 2014-05-29 17:27 - 02347384 _____ (ESET) C:\Users\korinth\Downloads\esetsmartinstaller_deu.exe
2014-05-29 14:58 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 14:58 - 2012-02-11 16:20 - 00009744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 14:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 14:47 - 2014-05-28 15:54 - 00012855 _____ () C:\Windows\setupact.log
2014-05-28 18:27 - 2014-05-28 18:27 - 00001264 _____ () C:\Users\korinth\Desktop\2014 - Verknüpfung.lnk
2014-05-28 18:27 - 2013-03-30 18:41 - 00121856 ___SH () C:\Users\korinth\Desktop\Thumbs.db
2014-05-28 18:24 - 2014-05-28 18:23 - 00000000 ____D () C:\Users\korinth\Desktop\Trojaner-Forum
2014-05-28 17:55 - 2014-05-28 17:55 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 17:53 - 2014-05-28 17:53 - 01016261 _____ (Thisisu) C:\Users\korinth\Downloads\JRT.exe
2014-05-28 17:44 - 2014-05-28 17:35 - 00000000 ____D () C:\AdwCleaner
2014-05-28 17:40 - 2014-05-28 15:53 - 00090682 _____ () C:\Windows\PFRO.log
2014-05-28 17:34 - 2014-05-28 17:34 - 01327971 _____ () C:\Users\korinth\Downloads\adwcleaner_3.211.exe
2014-05-28 17:23 - 2012-02-11 16:14 - 00000000 ____D () C:\Windows\Panther
2014-05-28 16:52 - 2014-05-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-28 16:52 - 2014-05-28 16:51 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-28 16:51 - 2014-05-28 16:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 16:51 - 2014-05-28 16:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\korinth\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 16:05 - 2014-05-28 16:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-28 16:04 - 2014-05-28 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\korinth\Downloads\revosetup95.exe
2014-05-28 15:54 - 2014-05-28 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 18:44 - 2014-05-27 18:41 - 00040463 _____ () C:\Users\korinth\Downloads\Addition.txt
2014-05-27 18:39 - 2014-05-27 18:39 - 01056256 _____ (Farbar) C:\Users\korinth\Downloads\FRST.exe
2014-05-27 18:22 - 2012-02-12 18:14 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 18:20 - 2014-05-10 00:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-26 16:17 - 2014-03-10 20:50 - 00000000 ____D () C:\Users\korinth\Desktop\Honda Prelude
2014-05-26 13:52 - 2014-05-26 13:46 - 00000000 ____D () C:\Users\korinth\Desktop\ebay
2014-05-26 13:02 - 2012-02-22 19:07 - 00000000 ____D () C:\Update
2014-05-23 09:39 - 2014-05-23 09:39 - 00602587 _____ () C:\Users\korinth\Downloads\Rechnungen.zip
2014-05-22 20:23 - 2014-05-20 19:39 - 00021746 _____ () C:\Users\korinth\Desktop\GMX Mahnung.odt
2014-05-22 18:25 - 2007-04-27 09:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-22 18:24 - 2014-05-22 18:24 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 18:24 - 2007-04-26 12:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-22 18:24 - 2007-04-26 11:01 - 00000000 ____D () C:\Program Files\sony
2014-05-19 20:22 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-19 03:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-19 03:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-18 21:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-18 20:06 - 2014-05-11 00:06 - 00000082 _____ () C:\Users\korinth\AppData\Roaming\WB.CFG
2014-05-18 19:38 - 2014-05-07 09:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 19:36 - 2013-07-21 16:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:30 - 2012-02-12 18:44 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:29 - 2014-05-18 19:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-18 19:29 - 2007-04-27 09:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 16:07 - 2014-03-01 08:05 - 00000000 ____D () C:\Users\korinth\Fränki
2014-05-15 13:17 - 2012-04-08 12:27 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 13:17 - 2012-02-11 18:12 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-28 16:51 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 16:51 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-28 16:51 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 20:40 - 2014-05-10 15:49 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-05-11 20:38 - 2014-05-11 11:09 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 20:38 - 2014-05-11 11:09 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-11 20:38 - 2012-02-11 17:23 - 00001409 _____ () C:\Users\korinth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-11 11:09 - 2014-05-11 11:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 09:38 - 2012-11-24 19:09 - 00000000 ____D () C:\Users\korinth\AppData\Roaming\HpUpdate
2014-05-11 00:00 - 2013-07-17 14:50 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-11 00:00 - 2013-07-17 14:49 - 00000000 ____D () C:\Program Files\epson
2014-05-10 23:51 - 2012-02-23 11:36 - 00000000 ____D () C:\Program Files\Common Files\Lexware
2014-05-10 23:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-10 23:36 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-05-10 23:35 - 2013-07-17 14:53 - 00000000 ____D () C:\Program Files\Epson Software
2014-05-10 23:34 - 2013-07-17 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2014-05-10 23:32 - 2013-07-17 14:46 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-10 23:17 - 2014-05-10 23:17 - 00000000 ____D () C:\Users\korinth\AppData\Local\com
2014-05-10 15:53 - 2014-05-10 15:53 - 01745400 _____ (AnyProtect.com) C:\Users\korinth\AppData\Local\nsc7B2C.tmp
2014-05-10 15:49 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-09 09:06 - 2014-05-15 11:51 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-15 11:51 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 18:32 - 2014-05-06 18:32 - 00283376 _____ (Mozilla) C:\Users\korinth\Downloads\Firefox Setup Stub 29.0.exe
2014-05-06 05:25 - 2014-05-16 15:15 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-16 15:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-16 15:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-04 19:57 - 2012-02-11 17:18 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-04 12:29 - 2014-05-04 12:29 - 00028598 _____ () C:\Users\korinth\Documents\Staatsanwalt.odt
2014-05-04 09:54 - 2014-05-04 09:53 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(2).exe
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieUserList
2014-05-04 09:37 - 2014-05-04 09:37 - 00000000 __SHD () C:\Users\korinth\AppData\Local\EmieSiteList
2014-05-04 09:33 - 2014-05-04 09:26 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2014-05-04 09:33 - 2012-11-24 19:07 - 00000000 ____D () C:\Users\korinth\AppData\Local\HP
2014-05-04 09:27 - 2012-11-24 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-04 09:27 - 2012-11-24 19:07 - 00000000 ____D () C:\Program Files\HP
2014-05-04 09:26 - 2014-05-04 09:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2510 series.lnk
2014-05-04 09:22 - 2014-05-04 09:20 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313(1).exe
2014-05-04 09:18 - 2014-05-04 09:16 - 58381000 _____ () C:\Users\korinth\Downloads\DJ2510_1313.exe
2014-05-04 08:57 - 2012-11-24 19:08 - 00000000 ____D () C:\ProgramData\HP

Some content of TEMP:
====================
C:\Users\korinth\AppData\Local\Temp\37849uninstall.exe
C:\Users\korinth\AppData\Local\Temp\instloffer.exe
C:\Users\korinth\AppData\Local\Temp\Quarantine.exe
C:\Users\korinth\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-15 11:50] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 15:29

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

... so das hat wieder länger gedauert, das ESET hat alleine 4,5 Std gearbeitet... aber ich bin bis hierin wieder fertig...

schrauber · 31.05.2014, 10:45

Java und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Ärger mit "websearches und mediaplayerplus" Trojanern-/Vierenprogrammen

Log-Analyse und Auswertung: Ärger mit "websearches und mediaplayerplus" Trojanern-/Vierenprogrammen