|
Plagegeister aller Art und deren Bekämpfung: Programme haben keinen InternetzugriffWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.09.2014, 14:38 | #1 |
| Programme haben keinen Internetzugriff Hallo Leute, ich habe seit mehreren Monaten das Problem, dass meine Programme keine Verbindung mehr zum Internet aufbauen. So bekomme ich z.B. andauernd eine Fehlermeldung, wenn ich ein Windows Update (unter anderem Fehler 80072EE2) durchführen will aber auch wenn ich über iTunes in die Online Mediathek möchte (Fehler 310). Weiterhin besteht das Problem bei anderen Programmen die ein Update benötigen, wie Adobe. Ich kann die Updates nur manuell im Internet downloaden und dann instalieren. Mein normales Internet über Firefox funktioniert. Gestern habe ich mir das WinFuture Update Pack geladen, damit ich mein Windows auf den neusten Stand bringen kann, seit dem habe ich auch den Internet Explorer 11, welcher allerdings auch nicht funktioniert (Meldung: Der Proxyserver reagiert nicht). Mit F-Secure (habe ein Jahresabo), ist heute ein Virus gefunden worden: Trojan.Generic.11709199 in C:\$Recycle.Bin\S-1-5-21-3810040113-336...\$RY05P36.exe allerdings hat sich trotz Quarantäne nichts geändert.... Ich hoffe Ihr könnt mir weiterhelfen |
29.09.2014, 15:15 | #2 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
29.09.2014, 18:09 | #3 |
| Programme haben keinen Internetzugriff FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02 Ran by Dario (administrator) on DARIO-VAIO on 29-09-2014 19:04:55 Running from C:\Users\Dario\Desktop Loaded Profile: Dario (Available profiles: Dario) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Spotify Ltd) C:\Users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation) HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-06-24] (F-Secure Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3810040113-3366235107-2524779152-1000\...\Run: [DriverTurbo] => C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe HKU\S-1-5-21-3810040113-3366235107-2524779152-1000\...\Run: [Spotify Web Helper] => C:\Users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-21] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {791387CC-FD3D-4649-A362-23DEFED0F29D} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {C909D0DC-BB0B-4692-8A78-5DFC11EE1066} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} SearchScopes: HKCU - {CCFDB796-99E0-4AE7-B5CC-B72FBA91483C} URL = hxxp://de.shopping.com/?linkin_id=8056363 BHO: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF Homepage: google.de FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*'))%20%7B%20return%20'PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: GMX MailCheck - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\toolbar@gmx.net [2014-09-18] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-21] FF Extension: ProxMate - Proxy on steroids! - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-01-29] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20] FF Extension: Adblock Plus - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-21] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [{67f11f70-7bb7-45c0-a1e4-94f2927b46df}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-09-25] FF HKCU\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\Dario\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn FF Extension: F-Secure Search - C:\Users\Dario\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn [2014-09-25] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-06-24] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation) S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe" -displayname "System Store Service" -servicename "SystemStoreService" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-09-25] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-09-25] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2014-09-25] () R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-09-25] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-06-24] () S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed] S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed] S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed] S3 VBTUSB; C:\Windows\System32\Drivers\VBTUSB.sys [14848 2010-06-17] (Sony Corporation) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-29 19:04 - 2014-09-29 19:05 - 00021198 _____ () C:\Users\Dario\Desktop\FRST.txt 2014-09-29 19:04 - 2014-09-29 19:04 - 00000000 ____D () C:\FRST 2014-09-29 19:02 - 2014-09-29 19:02 - 02108928 _____ (Farbar) C:\Users\Dario\Desktop\FRST64.exe 2014-09-28 23:19 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-28 23:19 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-09-28 23:19 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-09-28 23:15 - 2014-09-28 23:15 - 00182912 _____ () C:\Windows\msxml4-KB2758694-deu.LOG 2014-09-28 22:50 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-09-28 22:47 - 2014-09-28 22:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-28 22:47 - 2014-09-28 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-28 22:47 - 2014-09-28 22:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-28 22:47 - 2014-09-28 22:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-28 22:47 - 2014-09-28 22:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-09-28 22:47 - 2014-09-28 22:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-09-28 22:47 - 2014-09-28 22:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-09-28 22:47 - 2014-09-28 22:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-09-28 22:47 - 2014-09-28 22:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-09-28 22:47 - 2014-09-28 22:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-09-28 22:47 - 2014-09-28 22:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-28 21:29 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-09-28 21:29 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-09-28 21:24 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-09-28 21:10 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-28 21:10 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-09-28 21:10 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-09-28 21:10 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-09-28 21:10 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-09-28 21:10 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-09-28 21:10 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-09-28 21:10 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-09-28 21:10 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-09-28 21:10 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-28 21:10 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-09-28 21:10 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-09-28 21:10 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-09-28 21:10 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-28 21:10 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-09-28 21:10 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-09-28 21:10 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-09-28 21:10 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-09-28 21:10 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-09-28 21:10 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-09-28 21:10 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-09-28 21:10 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-09-28 21:10 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-09-28 21:10 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-09-28 21:10 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-09-28 21:10 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-09-28 21:10 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-09-28 21:10 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-09-28 21:10 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-09-28 21:10 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-09-28 21:10 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-28 21:10 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-28 21:01 - 2014-09-28 22:50 - 00035949 _____ () C:\Windows\IE11_main.log 2014-09-28 20:27 - 2014-09-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-28 20:27 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\Program Files\iTunes 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-28 20:26 - 2014-09-28 20:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Program Files\iPod 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files\Bonjour 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-09-25 09:04 - 2014-09-29 08:46 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-09-25 09:04 - 2014-09-29 00:00 - 00003394 _____ () C:\Windows\System32\Tasks\Scheduled scanning task 2014-09-25 08:51 - 2014-09-25 08:59 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-09-25 08:51 - 2014-09-25 08:51 - 00000657 _____ () C:\Windows\fsav_db_setup.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00895110 _____ () C:\Windows\FSSFM.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00804919 _____ () C:\Windows\FSSETUP.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00136077 _____ () C:\Windows\FSPROD.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00088489 _____ () C:\Windows\RunSetup.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00070706 _____ () C:\Windows\FSAVINST.LOG 2014-09-25 08:50 - 2014-09-25 08:51 - 00009874 _____ () C:\Windows\FSAVCSIN.LOG 2014-09-25 08:50 - 2014-09-25 08:51 - 00004230 _____ () C:\Windows\fstnbins.LOG 2014-09-25 08:50 - 2014-09-25 08:50 - 00019328 _____ () C:\Windows\fspplugin.log 2014-09-25 08:48 - 2014-09-25 08:49 - 00000000 ____D () C:\Program Files (x86)\F-Secure 2014-09-25 08:48 - 2014-09-25 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure 2014-09-24 23:30 - 2014-09-25 08:41 - 00725310 _____ () C:\Windows\PFRO.log 2014-09-24 21:21 - 2014-09-25 08:41 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-24 21:19 - 2014-09-25 08:51 - 04131916 _____ () C:\Windows\FSISU.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00384340 _____ () C:\Windows\FSDEPH.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00008327 _____ () C:\Windows\FSGKIAIN.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00003632 _____ () C:\Windows\FSLDIN.LOG 2014-09-24 21:19 - 2014-09-25 08:51 - 00003355 _____ () C:\Windows\fsavunin.log 2014-09-24 21:19 - 2014-09-24 21:20 - 00263127 _____ () C:\Windows\FSUNINST.log 2014-09-24 21:19 - 2014-09-24 21:20 - 00013582 _____ () C:\Windows\uninstaller.log 2014-09-24 21:19 - 2014-09-24 21:19 - 00000812 _____ () C:\Windows\daasunin.LOG 2014-09-24 21:19 - 2014-09-24 21:19 - 00000070 _____ () C:\Windows\fsavunin_2.log 2014-09-21 09:28 - 2014-09-25 09:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-21 09:14 - 2014-09-25 08:30 - 00000087 _____ () C:\Users\Dario\Desktop\IBAN_BIC.txt 2014-09-17 17:45 - 2014-09-17 17:45 - 00000000 ____D () C:\Users\Dario\AppData\Local\{E5F3550B-0792-4B2F-9B1C-4CE8EE37E632} 2014-09-15 11:35 - 2014-09-15 11:35 - 00000000 ____D () C:\Users\Dario\AppData\Local\{D1DC3EEF-788E-48A0-B56F-A064D89F950E} 2014-09-15 11:35 - 2014-09-15 11:35 - 00000000 ____D () C:\Users\Dario\AppData\Local\{C6D0EED4-A7E5-4901-90A5-64AC881FFBAD} 2014-09-14 11:25 - 2014-09-14 11:25 - 00000000 ____D () C:\Users\Dario\AppData\Local\{610D78AC-C8EE-450F-9007-73F4AC8DD242} 2014-09-11 17:20 - 2014-09-11 17:20 - 00000000 ____D () C:\Users\Dario\AppData\Local\{14B13F5E-29F4-4216-82EC-F6612D5974FD} 2014-09-11 17:19 - 2014-09-11 17:19 - 00000000 ____D () C:\Users\Dario\AppData\Local\{1E3CB5A3-F63A-49D8-929D-ED3D6047ADAF} 2014-09-11 17:17 - 2014-09-11 17:17 - 00000000 ____D () C:\Users\Dario\AppData\Local\{9F9C42E9-7A30-4920-995E-4D1481AAD43D} 2014-09-11 17:17 - 2014-09-11 17:17 - 00000000 ____D () C:\Users\Dario\AppData\Local\{795068C8-043C-4161-93E2-556133EC32F6} 2014-09-11 16:37 - 2014-09-11 16:37 - 00000000 ____D () C:\Users\Dario\AppData\Local\{5CBD8156-3D4B-4D64-9A99-11FAC259B8F6} 2014-09-11 16:25 - 2014-09-11 16:25 - 00000000 ____D () C:\Users\Dario\AppData\Local\{E48EE27C-81A5-4901-8409-14911F163F19} 2014-09-11 16:21 - 2014-09-11 16:21 - 00000000 ____D () C:\Users\Dario\AppData\Local\{911AA878-E7C1-4BFA-A8F1-EB021FEFC817} 2014-09-11 16:18 - 2014-09-11 16:18 - 00000000 ____D () C:\Users\Dario\AppData\Local\{EE54F8A7-4832-4296-88F5-5F4D46B5A287} 2014-09-11 16:14 - 2014-09-11 16:14 - 00000000 ____D () C:\Users\Dario\AppData\Local\{8FA70E85-E0EC-44AD-A8B2-88FD421AAE58} 2014-09-11 16:13 - 2014-09-11 16:13 - 00000000 ____D () C:\Users\Dario\AppData\Local\{2F4B0155-9701-433B-9E60-F83A58F315A4} 2014-09-11 16:12 - 2014-09-11 16:12 - 00000000 ____D () C:\Users\Dario\AppData\Local\{D5430522-4A2F-4276-9CE4-6E8D673E4831} 2014-09-11 16:11 - 2014-09-11 16:11 - 00000000 ____D () C:\Users\Dario\AppData\Local\{7676FD1C-6AEA-4AAB-AF8F-A2784F79F95E} 2014-09-11 16:01 - 2014-09-11 16:01 - 00000000 ____D () C:\Users\Dario\AppData\Local\{FC0F9807-521F-42C5-AD7C-F09C57B40429} 2014-09-11 15:59 - 2014-09-11 15:59 - 00000000 ____D () C:\Users\Dario\AppData\Local\{EED9BB0C-F723-4CB5-AC5C-8891ABF3D09B} 2014-09-11 15:52 - 2014-09-11 15:52 - 00000000 ____D () C:\Users\Dario\AppData\Local\{E78FB9B1-4E8E-44D6-928E-7666397B5BBD} 2014-09-11 15:50 - 2014-09-11 15:50 - 00000000 ____D () C:\Users\Dario\AppData\Local\{1E22130A-A35F-455B-8306-2B371ACBDAC9} 2014-09-11 15:45 - 2014-09-11 15:45 - 00000000 ____D () C:\Users\Dario\AppData\Local\{639D936D-FA66-4EA1-9664-6578DA8EFF97} 2014-09-11 15:45 - 2014-09-11 15:45 - 00000000 ____D () C:\Users\Dario\AppData\Local\{51CB51ED-AC4E-4F8E-B4D6-D3BF3DB829CE} 2014-09-11 15:33 - 2014-09-11 15:33 - 00008863 _____ () C:\Users\Dario\.recently-used.xbel 2014-09-06 14:41 - 2014-09-29 10:20 - 00000000 ____D () C:\Users\Dario\Desktop\Bewerbung NEU ab 2014 2014-09-03 11:08 - 2014-09-03 11:08 - 488033010 _____ () C:\Windows\MEMORY.DMP 2014-09-03 11:08 - 2014-09-03 11:08 - 00454384 _____ () C:\Windows\Minidump\090314-24398-01.dmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-29 18:37 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-29 18:37 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-29 18:33 - 2010-11-25 19:27 - 02040781 _____ () C:\Windows\WindowsUpdate.log 2014-09-29 18:31 - 2014-08-16 15:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-29 18:30 - 2014-08-09 09:27 - 00007530 _____ () C:\Windows\setupact.log 2014-09-29 18:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-28 23:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-28 23:31 - 2010-11-25 19:40 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{737607F8-836A-4C0C-B675-CAA71288B56F} 2014-09-28 23:24 - 2009-07-14 06:45 - 00443352 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-28 23:05 - 2010-07-12 22:26 - 00000000 ____D () C:\Windows\Panther 2014-09-28 23:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-09-28 22:10 - 2010-07-31 01:24 - 00703340 _____ () C:\Windows\system32\perfh007.dat 2014-09-28 22:10 - 2010-07-31 01:24 - 00151766 _____ () C:\Windows\system32\perfc007.dat 2014-09-28 22:10 - 2009-07-14 07:13 - 01631944 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-28 22:07 - 2013-05-15 19:51 - 00000000 ___RD () C:\Users\Dario\Dropbox 2014-09-28 22:06 - 2013-05-15 19:46 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Dropbox 2014-09-28 21:17 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-09-28 20:26 - 2010-12-28 19:08 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-09-28 20:25 - 2010-12-28 19:07 - 00000000 ____D () C:\ProgramData\Apple 2014-09-25 18:23 - 2012-05-02 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-25 08:52 - 2014-04-10 21:40 - 00000000 ____D () C:\Users\Dario\AppData\Local\F-Secure 2014-09-25 08:52 - 2012-12-10 14:49 - 00000000 ____D () C:\ProgramData\F-Secure 2014-09-25 08:51 - 2012-12-10 15:01 - 00020560 _____ () C:\Windows\prodsett_copy.ini 2014-09-24 23:38 - 2014-03-26 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-24 13:43 - 2013-01-27 18:46 - 00000000 ____D () C:\Users\Dario\AppData\Local\Spotify 2014-09-24 13:43 - 2013-01-27 18:12 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Spotify 2014-09-15 16:00 - 2011-07-20 21:12 - 00000000 ____D () C:\Users\Dario\Documents\Bewerbung Dario_NICHT LÖSCHEN 2014-09-13 13:29 - 2011-11-04 17:46 - 00000000 ____D () C:\Users\Dario\Documents\Uni 2014-09-11 16:29 - 2011-12-23 17:34 - 00000000 ____D () C:\Users\Dario\.gimp-2.6 2014-09-11 15:33 - 2010-11-25 19:37 - 00000000 ____D () C:\Users\Dario 2014-09-11 11:19 - 2011-12-23 17:35 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\gtk-2.0 2014-09-11 08:37 - 2011-10-13 18:52 - 00000000 ____D () C:\Users\Dario\Documents\Angebote 2014-09-10 09:52 - 2013-04-12 20:25 - 00346787 _____ () C:\test.xml 2014-09-10 09:32 - 2014-08-16 15:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-10 09:31 - 2014-08-16 15:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 09:31 - 2014-08-16 15:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-03 11:08 - 2011-01-23 09:16 - 00000000 ____D () C:\Windows\Minidump Some content of TEMP: ==================== C:\Users\Dario\AppData\Local\Temp\cleanup_tool.exe C:\Users\Dario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkd_tci.dll C:\Users\Dario\AppData\Local\Temp\fsc9C1F.tmp.exe C:\Users\Dario\AppData\Local\Temp\fscF6DC.tmp.exe C:\Users\Dario\AppData\Local\Temp\Setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-29 10:10 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02 Ran by Dario at 2014-09-29 19:05:47 Running from C:\Users\Dario\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Antivirus (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: Antivirus (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.) AMD Accelerated Video Transcoding (Version: 13.30.100.40312 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0312.1131.18796 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft) ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.390 - ArcSoft) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Cisco AnyConnect VPN Client (HKLM-x32\...\{44257960-C5CC-45BA-8E83-524E4A0F3FD5}) (Version: 2.5.3054 - Cisco Systems, Inc.) Color Efex Pro 3.0 Standard (HKLM-x32\...\Color Efex Pro 3.0 Stand-Alone Standard) (Version: 3.1.0.9 - Nik Software, Inc.) Computer Security 14.115.100.0 (release) (x32 Version: 14.115.100.0 - F-Secure Corporation) Hidden Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.538 - Corel Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.) Filmmakers Video Uploader (HKCU\...\Filmmakers Video Uploader) (Version: - Filmmakers) Free YouTube to MP3 Converter version 3.10.5.722 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.) F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation) F-Secure (x32 Version: 2.15.358.0 - F-Secure Corporation) Hidden F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.) Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation) VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation) VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.4.2 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation) VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810040113-3366235107-2524779152-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 21-09-2014 17:00:22 Windows-Sicherung 24-09-2014 19:20:31 Removed F-Secure 24-09-2014 19:22:27 avast! antivirus system restore point 24-09-2014 21:37:23 Removed Java 7 Update 67 25-09-2014 06:31:05 avast! antivirus system restore point 25-09-2014 06:38:17 avast! antivirus system restore point 28-09-2014 17:31:35 Windows-Sicherung 28-09-2014 17:54:47 Removed iTunes 28-09-2014 18:01:35 Removed QuickTime 7 28-09-2014 18:03:28 Removed Apple Software Update 28-09-2014 18:05:40 Removed Apple Mobile Device Support 28-09-2014 18:07:43 Removed Bonjour 28-09-2014 18:08:11 Removed Apple Application Support 28-09-2014 18:26:11 Installed iTunes 28-09-2014 19:10:12 Windows Update 28-09-2014 19:23:50 Windows Update 28-09-2014 19:29:14 Windows Update 28-09-2014 20:35:10 Dario 28.09.14 28-09-2014 20:45:49 Windows Modules Installer 28-09-2014 21:07:17 Windows Update 28-09-2014 21:08:50 Windows Update 28-09-2014 21:10:54 Windows Update 28-09-2014 21:11:49 Windows Update 28-09-2014 21:13:10 Windows Update 28-09-2014 21:15:45 Windows Update 28-09-2014 21:19:34 Windows Update 28-09-2014 21:20:06 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {170EBF4C-AEFE-4F2C-B2D0-D97ABF2C342A} - System32\Tasks\{78BC6A6A-7E20-4265-8FAF-C47D5037E274} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {1944F0BE-303A-452E-97B9-D01299286993} - System32\Tasks\{F649BB7C-E4F5-4102-B0B7-ED79F59E1E67} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2014-02-13] (Microsoft Corporation) Task: {1D6D805A-6B92-4E1A-9908-C6771E836B1B} - System32\Tasks\{B648945A-91A7-41EB-B3F4-E3292998E9B2} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2014-02-13] (Microsoft Corporation) Task: {21A5D885-D078-4130-B728-BA9A94003093} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation) Task: {343D77C2-CDEB-4CDA-B894-5EF07E229D61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {4C7BC2CE-8269-4B93-8F8D-E24718624C45} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation) Task: {6645991C-D34E-4AFC-9C6F-8BD4FCC91711} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {89B8D83E-36AB-4695-9220-3707B72E12D6} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {8CCD26DC-0AF6-4A0C-BA43-443C123966B4} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation) Task: {94198144-3ED0-4BBF-ADBA-09C226A93D64} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe Task: {AF578822-5815-4007-8C5A-81DE0D506BD4} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsav.exe [2014-06-24] (F-Secure Corporation) Task: {B115446C-6FED-4EB0-9B94-AA67260C3A55} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {B6EDCCB9-8D40-4C9F-8B16-5272B3BDC3E5} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe Task: {C3427F53-528E-4105-A989-DDD07E5C43A2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation) Task: {CAAEFE78-522D-4F3D-8D6F-2B4B364CCD4F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {D1A4DB7A-6E72-482B-99FE-F3720AD09A58} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {E22D39B9-ACDA-4594-8A3B-CA1AAB16AEF4} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {E24067B5-5D98-4F69-A4C0-AC1518B5A842} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation) Task: {E95921BB-1B87-4F18-9520-35CE8FA090AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated) Task: {E95D1E95-6252-44D4-A3E2-467CBA64F981} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EE1CD85A-ADBC-4C50-A830-C8A4ED5CC527} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {F1AFF773-2B83-45BF-AA6C-5C86981F8C51} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe Task: {F375AD5D-1D42-4A57-963E-0979A48A970E} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation) Task: {F5955A46-3129-4F84-A9DB-A8F3EFCBA2E0} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\apps\COMPUT~1\ANTI-V~1\fsav.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-27 13:17 - 2011-02-25 18:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll 2011-11-27 13:17 - 2011-02-25 18:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-3810040113-3366235107-2524779152-500 - Administrator - Disabled) Dario (S-1-5-21-3810040113-3366235107-2524779152-1000 - Administrator - Enabled) => C:\Users\Dario Gast (S-1-5-21-3810040113-3366235107-2524779152-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3810040113-3366235107-2524779152-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/29/2014 07:05:53 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: ) Description: 1 2014-09-29 19:05:53+02:00 DARIO-VAIO SYSTEM F-Secure DeepGuard Application was blocked. This was determined to be a high-risk application by system control heuristics. Application path: \\?\c:\windows\mod_frst.exe File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4 Error: (09/29/2014 06:40:31 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (09/29/2014 02:54:55 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (09/29/2014 02:44:35 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F18} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). Error: (09/29/2014 02:44:35 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F18} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.5139.5005.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194). Error: (09/29/2014 02:41:30 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 1 2014-09-29 14:41:30+02:00 DARIO-VAIO DARIO-VAIO\Dario F-Secure Anti-Virus Manual scanning was finished - workstation was found infected! Error: (09/29/2014 08:56:46 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (09/29/2014 08:46:25 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=DFC} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). Error: (09/29/2014 08:46:25 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=DFC} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.5139.5005.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194). Error: (09/28/2014 11:34:21 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. System errors: ============= Error: (09/29/2014 06:30:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/29/2014 03:18:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (09/29/2014 03:18:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (09/29/2014 02:44:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/29/2014 02:42:10 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (09/29/2014 02:42:09 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (09/29/2014 08:46:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/28/2014 11:23:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/28/2014 11:04:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/28/2014 10:11:07 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2012-12-28 15:38:34.359 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.289 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.219 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.119 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.893 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.850 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.808 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.757 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.668 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 46% Total physical RAM: 3950.1 MB Available physical RAM: 2127.32 MB Total Pagefile: 7898.38 MB Available Pagefile: 5483.75 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:452.23 GB) (Free:354.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D2F798B3) Partition 1: (Not Active) - (Size=13.4 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=452.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
30.09.2014, 15:16 | #4 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
30.09.2014, 16:30 | #5 |
| Programme haben keinen Internetzugriff Hi, ich habe Combofix nun ausgeführt, musste allerdings einen Neustart machen. Leider finde ich die combofix.txt nicht mehr. Könntest du mir sagen wo die normalerweise abgespeichert wird? hat sich erledigt Code:
ATTFilter ComboFix 14-09-29.02 - Dario 30.09.2014 17:06:32.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3950.2444 [GMT 2:00] ausgeführt von:: c:\users\Dario\Desktop\ComboFix.exe AV: Antivirus *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Antivirus *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\programdata\NOTEPAD.EXE-x.txt c:\programdata\RUNDLL32.EXE-x.txt c:\users\Dario\AppData\Roaming\.# . . ((((((((((((((((((((((( Dateien erstellt von 2014-08-28 bis 2014-09-30 )))))))))))))))))))))))))))))) . . 2014-09-30 15:14 . 2014-09-30 15:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-09-29 17:04 . 2014-09-29 17:06 -------- d-----w- C:\FRST 2014-09-28 21:19 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-09-28 21:19 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-09-28 21:19 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys 2014-09-28 21:03 . 2014-09-28 21:03 -------- d-----w- c:\windows\SysWow64\wbem\en-US 2014-09-28 21:02 . 2014-09-28 21:02 -------- d-----w- c:\windows\system32\wbem\en-US 2014-09-28 20:50 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2014-09-28 19:29 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll 2014-09-28 19:29 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll 2014-09-28 19:24 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe 2014-09-28 18:27 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2014-09-28 18:26 . 2014-09-28 18:26 -------- d-----w- c:\program files\iPod 2014-09-28 18:26 . 2014-09-28 18:27 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-28 18:26 . 2014-09-28 18:27 -------- d-----w- c:\program files\iTunes 2014-09-28 18:26 . 2014-09-28 18:27 -------- d-----w- c:\program files (x86)\iTunes 2014-09-28 18:26 . 2014-09-28 18:26 -------- d-----w- c:\program files (x86)\Apple Software Update 2014-09-28 18:25 . 2014-09-28 18:25 -------- d-----w- c:\program files\Common Files\Apple 2014-09-28 18:25 . 2014-09-28 18:25 -------- d-----w- c:\program files\Bonjour 2014-09-28 18:25 . 2014-09-28 18:25 -------- d-----w- c:\program files (x86)\Bonjour 2014-09-28 18:25 . 2014-09-28 18:26 -------- d-----w- c:\program files (x86)\Common Files\Apple 2014-09-25 06:51 . 2014-09-25 06:59 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys 2014-09-25 06:48 . 2014-09-25 06:49 -------- d-----w- c:\program files (x86)\F-Secure 2014-09-24 19:21 . 2014-09-25 06:41 -------- d-----w- c:\programdata\AVAST Software . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-09-10 07:31 . 2014-08-16 13:01 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-10 07:31 . 2014-08-16 13:01 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-07-28 12:52 . 2014-07-28 12:52 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll 2014-07-28 12:52 . 2014-07-28 12:52 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-09-21 1245752] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-03-12 767200] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904] "F-Secure Hoster (666)"="c:\program files (x86)\F-Secure\fshoster32.exe" [2014-07-08 187432] "F-Secure Manager"="c:\program files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2014-06-24 310312] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe;c:\program files (x86)\F-Secure\fshoster32.exe [x] R2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 SystemStoreService;System Store Service;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService [x] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] R3 fsni;fsni;c:\program files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys;c:\program files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys;c:\windows\SYSNATIVE\Drivers\VBTUSB.sys [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x] S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16 07:32] . 2014-09-30 c:\windows\Tasks\Scheduled scanning task.job - c:\progra~2\F-Secure\apps\COMPUT~1\ANTI-V~1\fsav.exe [2014-09-25 11:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Dario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> IE: Free YouTube to MP3 Converter - c:\users\Dario\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 DPF: CC679CB8-DC4B-458B-B817-D447B3B6AC31 - vpnweb.cab FF - ProfilePath - c:\users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\ FF - prefs.js: browser.startup.homepage - google.de FF - prefs.js: network.proxy.type - 2 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-DriverTurbo - c:\program files (x86)\DriverTurbo\DriverTurbo.exe ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe AddRemove-Filmmakers Video Uploader - c:\windows\system32\javaws.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster] "ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0" -- . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3810040113-3366235107-2524779152-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3810040113-3366235107-2524779152-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected] @Denied: ) (Everyone) "AgentIdentifier"="573202cb-1258-46ed-8539-76c7ce8156ad" "AuthorizationCode"="" "666_AgentIdentifier"="573202cb-1258-46ed-8539-76c7ce8156ad" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-09-30 17:16:28 ComboFix-quarantined-files.txt 2014-09-30 15:16 . Vor Suchlauf: 14 Verzeichnis(se), 384.951.291.904 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 386.326.687.744 Bytes frei . - - End Of File - - 81B27F65FB03595EB0B3544A571620BE |
01.10.2014, 12:31 | #6 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Programme haben keinen Internetzugriff |
02.10.2014, 14:50 | #7 |
| Programme haben keinen Internetzugriff So, habe jetzt alle drei Programme laufen lassen. Bei den ersten Beiden, habe ich vorsichtshalber F-Secure und die WIndows Firewall abgestellt. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.10.2014 Suchlauf-Zeit: 10:00:14 Logdatei: malewarebytes.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.10.02.03 Rootkit Datenbank: v2014.09.19.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Dario Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 332364 Verstrichene Zeit: 10 Min, 56 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 4 PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [4f9cab64fc80989ea388f26641c3ee12], PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3810040113-3366235107-2524779152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [00ebe52a98e4e650efa399bfef152bd5], PUP.Optional.InstallCore.A, HKU\S-1-5-21-3810040113-3366235107-2524779152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [6586c54a66163402330f5700b64e847c], PUP.Optional.SweetIM.A, HKU\S-1-5-21-3810040113-3366235107-2524779152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, In Quarantäne, [00eb818ea7d5063003276cece71d926e], Registrierungswerte: 3 PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {0723E553-568C-11E2-B975-C44619CA2E55}, In Quarantäne, [4f9cab64fc80989ea388f26641c3ee12] PUP.Optional.InstallCore.A, HKU\S-1-5-21-3810040113-3366235107-2524779152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X1B1T1KtGyEtH0M0ItF1FtH0K, In Quarantäne, [6586c54a66163402330f5700b64e847c] PUP.Optional.SweetIM.A, HKU\S-1-5-21-3810040113-3366235107-2524779152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {0723E553-568C-11E2-B975-C44619CA2E55}, In Quarantäne, [00eb818ea7d5063003276cece71d926e] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.311 - Bericht erstellt am 02/10/2014 um 10:22:36 # Aktualisiert 30/09/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Dario - DARIO-VAIO # Gestartet von : C:\Users\Dario\Desktop\AdwCleaner_3.311.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : SystemStoreService ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Users\Dario\AppData\Local\Software_Updater Ordner Gelöscht : C:\Users\Dario\AppData\Local\SoftwareUpdater Ordner Gelöscht : C:\Users\Dario\AppData\Roaming\dvdvideosoftiehelpers Datei Gelöscht : C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi Datei Gelöscht : C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\11-suche.xml ***** [ Tasks ] ***** Task Gelöscht : Software Updater Ui Task Gelöscht : Software Updater ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v32.0.3 (x86 de) [ Datei : C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\prefs.js ] ************************* AdwCleaner[R0].txt - [2547 octets] - [02/10/2014 10:21:49] AdwCleaner[S0].txt - [2360 octets] - [02/10/2014 10:22:36] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2420 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.2.5 (10.01.2014:2) OS: Windows 7 Home Premium x64 Ran by Dario on 02.10.2014 at 10:28:41,13 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] "C:\Users\Dario\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com" ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{008BC282-CA40-4AF5-927F-1B3B956B96E6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{011C9270-E694-404C-928F-EA9671652D92} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0174BAA2-2EED-4B3E-8A2A-0BAF180C4063} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{03C31EF7-8F69-469B-BCA1-18AF4FE39941} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{08299558-CF9D-432D-A236-9395EC0BC60F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0A420014-00ED-494A-AF0D-3C38FE62A57C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0B001C11-4AF8-4CE0-844B-9697F27E3429} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0CCE64A3-D55B-4ADE-BC91-A77F1CB8F02B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0D121BA9-FFEE-4AE6-8308-91BBBFF27C34} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0EC368C0-C6E2-400A-8629-221613907F92} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{0FAC4130-A3F9-479D-96EB-C2DF53A3E3DB} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{105DAAFE-E038-41B1-BA93-5E96B95A9B0D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{11213CDB-A134-45D3-B8D6-452F1EC2A6C5} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{12BB2045-4750-49AD-A8FC-493DBB67B756} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{140A78F3-16D6-421F-BF3B-22AD508968AF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{14B13F5E-29F4-4216-82EC-F6612D5974FD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{16A05BF7-7182-4D67-889F-8F5C90587DFC} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{16D68D71-BA8A-4DC4-97F5-28C1FF83BD03} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1764FB9F-8A7F-42F4-B9F1-6B9589C9671A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{18693BA7-9161-4C70-AD97-63A211BC63B9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{18B51279-1B45-449F-B764-783C4399D6E6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{18FAD112-ED36-49EF-80E2-914896B19378} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1975FBCC-0445-4AEA-A4D8-2F751237505F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{19C02110-7289-45FA-9E57-F0BD284FFF5E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{19C5BE7B-33B0-4161-A0AE-E1F4E7DEDE2C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1A5D70C7-AE19-432F-B5C8-B0305A47F3B9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1B09378C-BCFE-4AA9-ABAA-CC133D4D2293} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1BBEB985-0501-4046-A023-6EF9C442DB75} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1E22130A-A35F-455B-8306-2B371ACBDAC9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1E3CB5A3-F63A-49D8-929D-ED3D6047ADAF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1E6F659B-CFF7-49B0-B5C1-7C2E4003BC66} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{1E7CFB8F-2D49-4275-B62A-9A2B2B3338CC} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{208D349C-3E2B-4B1A-8966-9D4B5353AA39} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{20B65174-D8A5-46D4-93EF-D8A8EDD06936} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{215EFEE6-6F1D-4F60-8CBF-70638717A8B0} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{22F7559A-7C01-48D8-A41E-AFE0A8FA67E1} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{23CE0AED-68DE-4DF6-B0A0-E2432769411B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{24340A78-62A4-4AAD-82A0-C56FCD621F7A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{26C26E94-3163-4FFB-9F2F-AB6A9E755BAE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{28EE61DC-877F-467A-8CB8-B278A1842EC3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2A2A1B5B-C884-4BD8-A4B7-7CC4CECC4976} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2A31626B-A7E1-4FDD-8A7F-A965AB8E8BF3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2BDC0B8A-AC99-412C-8C44-F803F596938F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2C6C06CE-3843-49E1-904F-2BC151A14A4B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2D2F43B5-BBA5-4531-AF1C-C1B25FC09CF2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2E6B6286-9B4A-4F48-B392-BE976E8BA2E7} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2F4B0155-9701-433B-9E60-F83A58F315A4} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2F62CFB0-AA28-4BFE-B71D-5529BC2CFE27} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{2FA9108D-33CB-4CCE-A672-9109D4EF994A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{302E56F7-58DC-4173-87A0-184F7C0AAAEC} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{309B1317-1FF0-4B78-AB0C-301DF3E38F70} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{3272335E-008A-4B08-A2F5-AB16B75DEF65} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{33E81987-45C7-4C21-8DC5-70A5A0404616} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{3451FBC2-0A19-41B9-8E9E-242002602ACF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{352439FE-8EA0-4F62-9E79-0083DFA16BA6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{37F510F2-E2FC-450A-81F8-CBAAC0858328} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{38C9936F-16A1-4AB6-A08B-AEA2C44FB3FF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{39603904-B032-4246-9DB8-B50BF47F80B5} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{3B986863-44EC-49BC-9F69-AAC3514EDF9F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{3D509B60-7EA0-4874-9CEC-981C5039F2EE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{3F453F19-1DEF-458E-8617-B509C42AF376} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{414D2F4B-F674-497F-9344-9BA5A19DF1E2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4348022E-0DA6-4FA0-B9E0-31917C6DA193} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4478D3BF-06EE-494E-8CEC-D4E492483431} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{454A4239-B371-4DE7-8A5C-34D42C4B4903} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{45C884DE-DD9F-4F41-8A6A-BD3711FC670D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4607C16B-CECA-48A2-8D4A-4F8E66A5CBB7} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{465615AA-2D6C-448B-A002-C457AEF86866} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{46767233-34CA-4963-A735-574E3994CA3D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4782953B-34BE-4930-94A4-D8BD2FA67DB0} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{47E6A60F-CD3A-4052-AC32-AB3EBAC41FC3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{48A2B7C5-15EE-48BE-B090-B346EBABF7AE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4983BE1A-26C9-41AF-826C-B458FE002005} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4C77079E-D576-40E7-AAF8-956EDB3A22A9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4D99B4C3-ADFD-4E38-9425-8A9A9108C1B9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{4E91038D-9250-4785-B3D0-D23D5EB52BD3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{51CB51ED-AC4E-4F8E-B4D6-D3BF3DB829CE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5246C7EC-5214-49F3-996B-B39EAB36506C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{54A19C37-6A98-4F7C-B17B-35A85ED5146A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{55077A1C-3970-4B9D-B6BD-14C7CAF05D8B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{559AC5A7-DDFC-49EE-958F-84C9E07521FA} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{559EF8D8-81A6-4A3F-B0D9-14E7255662D8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{56599FD0-D894-49F3-9822-49C019A1D942} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{56DEC5A2-27D8-4EFB-9952-C3991C51FB91} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{57A426B7-6CD5-4BDE-AB88-73C4C4AF0580} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{57CC1E78-3CFD-4E38-BF0E-DBDAD60570B5} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{57FECBBA-02EB-427C-97C0-DFAC63EE2C18} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{59A4E1C1-4AF2-456A-8DB4-200E85054982} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{59B4C415-AD50-45DB-BB5D-66298E370CBD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5A064552-618B-40E0-9B9C-776FA4893BE7} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5A0C4F06-8BAC-40EB-8247-2DAEFB216AF7} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5CBD8156-3D4B-4D64-9A99-11FAC259B8F6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5F3A3833-1490-4411-9472-F6C242B23F67} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5F4BED06-94F1-48A4-9B47-C5EBE8D964EF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{5FFCE36A-563D-4CCB-8D3E-CEEFA9994FE1} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6105C014-5ACC-4B4C-9DED-176199DFD8DB} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{610D78AC-C8EE-450F-9007-73F4AC8DD242} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{619079B6-52A9-4CB1-9C0F-40751FE83E77} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{62A73DD4-D64D-4332-A046-838B6AC45F13} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{63271A12-FF00-4366-A875-C2C70047B5F3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{639D936D-FA66-4EA1-9664-6578DA8EFF97} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{65599CB5-5593-480D-8682-C2B5CFF6DB4A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{65DCAA13-EB09-4508-80A5-CECEF2F904D3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{66316115-8F31-41BE-9659-5203BA6D3D8D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6647F120-1585-47B0-87C5-39BD619D8880} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6714A286-B114-4098-A5E3-0E304FF3A865} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{67388993-E32B-44A9-BCBE-CF8292B78966} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6919152B-D4FE-44E8-B39E-945FE00748A0} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6A5AC113-417F-4F81-8B34-F8E4BF3C7249} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6B47F480-F6F3-4C06-8BD7-AB816392FF86} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6C04E5F8-A5B6-4C16-BD93-56BCC8B3BDB1} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6E2AF1D5-506D-4E01-B22B-DBD18BF6DBEF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{6F17B40A-FF52-4C5C-B083-7032AA38E49B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7158B762-EFF0-4E71-B548-5CA41A028AF8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{72316C1A-528E-486A-AA16-C9CF14B39D16} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{73B70445-9E7F-434F-9E2C-02742862FD8F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{73FE2C74-ACED-47B9-8A5E-2AF8FF1F63CF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{751AEDE1-2520-4787-8BB7-D3433AD63850} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{75F98A1A-1142-4787-957D-DF8ED2771201} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7676FD1C-6AEA-4AAB-AF8F-A2784F79F95E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{76BC6E0C-0E14-458D-886B-D4AA2398CC17} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{77873603-BD42-413F-B406-076CA5F9BCD2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{782DD5C1-D771-42E4-97CC-A75806F4FB87} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{795068C8-043C-4161-93E2-556133EC32F6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7AE63FA5-ECC5-4D17-9742-776DDDEFF3E4} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7B4C6927-96C4-4E1B-A982-44F378EC9F49} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7DA65DBF-41D1-4C62-9A7C-7CE873D01CA8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7DBE2B86-6C3E-4BE0-B377-D7D7F4545926} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7E63D5DE-B98F-4A8A-A219-BE40D14E7B14} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{7FBB039B-9158-4489-A480-090EB26CF5C5} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{81327AE2-C1CF-4659-8386-2C038A326E74} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{831871E2-A376-4EEE-91AE-12A057A41461} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{851A56AF-1768-4CE9-AED7-3B097D2B64CA} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{85E2CAAA-385C-4611-9904-B2325F5FC39A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{85EBA6FC-3CB9-4C70-85AE-8BE842907C2A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8682E5D7-6451-4921-B198-4B163F8F573F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{87FB85FB-1204-4B6F-90B7-C3D346AF94B6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8811147C-4B18-4ED6-A96E-EB18BF60FD12} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{89B970A8-17CB-4231-91BE-97D017C7C064} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8B2FEFCA-84F3-44BD-BCFD-76728E109803} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8B382E1B-89CC-45B4-9218-9F6D46FE9EAD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8B7C622D-A26F-463E-AB35-74F0EB40661C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8B9A83BF-571C-4D99-823D-4ECB465F7BC2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8BB18509-2E62-4DBD-B33A-1FDE356A0B5F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8DCFC4CB-5DE6-493B-802C-CB5BD449F0EB} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8DF6DF51-1A00-4C16-87BE-0A988D769861} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{8FA70E85-E0EC-44AD-A8B2-88FD421AAE58} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{911AA878-E7C1-4BFA-A8F1-EB021FEFC817} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{92626E59-6AD9-4E07-98F0-9A1B47A2790C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{938B9D66-66CE-48CA-B15D-CD3F18856EFC} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{951F8ED0-F103-4565-9172-D267FE5DF74B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{95EB3CCA-364F-4C0F-93D1-A2095BA8FD8F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{983F2196-230F-4B15-B4E1-65D9567C65A1} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9895294E-97C9-43E9-A2A4-7F47C2827A8E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{99BB56D8-8663-4C3E-98DF-DC3403290E86} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{99BBEF13-1354-4616-8BBF-5091162B21CE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9B948D29-1E17-44A8-9A2F-10AC5F99A49C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9CE3AC27-8C11-4AC3-AB0F-C1F1B7270FB2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9D07361C-E286-4499-9C2E-40A50103E04A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9D321E01-29F2-43BB-8341-1724292A2767} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9E69FF99-78F5-4FC4-B31D-93056C009271} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{9F9C42E9-7A30-4920-995E-4D1481AAD43D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A0D1AB9B-C1EA-4885-83C7-7EEF0D7CD5CB} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A1564C46-7671-4FB7-8FAE-B013881535B8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A177CF04-F767-4776-8E8A-4A01D52F6295} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A2B6B80E-3AD1-40C2-9507-A8CF02162F16} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A3BC262E-4162-4D07-B1F9-D89F21DF431B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A63554BB-56D7-4AF6-A7D3-0F1E1860D152} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A71DFA2F-33D8-43C8-A65B-2E85B381BE46} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{A7B81AF6-2957-4599-BBCA-CCDBB6405742} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{AB1A5DD2-02AF-44F5-8100-6E6D085EECC2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{AB746CCD-6359-41CC-8E3D-C85ED3D6D522} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{ACEF5BE7-1E82-42D6-971A-5C9ED064D3CF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{ADD0B6F2-91EC-47D3-86E6-3A91350C1B16} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{AE6A909C-2EAB-446F-84A0-85856B0C5269} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B0CA6EAC-7976-4301-A89E-5372D2627989} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B143C764-82EE-4E41-ACDC-34477E65D346} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B202ECDA-2D46-42A2-AE31-D2201E25D48C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B324DDCC-60E9-4304-876A-57EE175B72D6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B329E648-9D0F-4B16-BA42-649CBE127C1F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B4FB9640-66F8-4C4D-92D4-4F39B373F7E6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B6871E73-41AA-448C-8DDA-D1F6F0F68748} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B73C1E86-8D8E-4832-B45E-1CC02A6C7871} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B82FF6A6-EC07-4AA2-AF1C-D7D7731F702B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B8AA71B7-5706-45B1-93F4-9C6801308BA2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{B9A11B84-9603-4C05-95A9-A6594007DE5D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{BDB0C4A5-A64D-47FE-B2B8-A8E43401E99B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{BE1F8BA0-450B-4A5E-8D4C-CFCF0D8602F3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C06039FF-E0F2-4272-ABD0-6958C9F1B26F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C09C46F8-A732-4E39-A5F2-D9A886F143FF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C1F3C69D-29A9-44F1-8CF9-355B505F841F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C278784C-A8DB-4EBD-99A0-B5041D62C446} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C301159A-CE1F-40D5-A69B-A869B7532591} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C31757B4-7B99-4631-846E-B8EB51F1E80E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C5875403-2D28-4020-A0F2-307BAD25794E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C5E1DFA0-8169-4A04-BBFE-DDF6E8CC2621} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C672CBA9-867E-41F4-A0CF-DE3C21AB5438} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C6D0EED4-A7E5-4901-90A5-64AC881FFBAD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C6E88568-1A95-4686-8246-AD7C2FFAA213} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{C7F7509B-2799-41CA-895D-6DA0FB1F159A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{CA32AF0E-4D9D-409B-A037-B4A29A172B53} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{CE6DC8BC-62A2-40F5-9EFF-C878CAC8ADE3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{CF2C8217-8148-4202-8AC2-572D8C1C14C8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D1BBE30A-F374-40D2-A541-3E1EA32C4C80} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D1DC3EEF-788E-48A0-B56F-A064D89F950E} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D28D8AC0-CB5B-4D99-9C4F-6633FBE2CDED} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D3A70119-6F8B-4470-AC2E-F620475BF48D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D4851AB5-6AAD-4B30-8104-CDB251B98DFD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D5430522-4A2F-4276-9CE4-6E8D673E4831} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D5E21824-F18B-42CC-A48D-AA87F8D2F19B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D601B97E-30E3-4A18-A043-2670B3EF1DF1} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D878AE88-E243-4EEF-B185-C4D8CE35138A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D88F37A1-957A-439F-9234-FCF4DADE7A44} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{D9FDC9B5-51E8-44A7-97F9-57C9C7C525B6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DA078CE9-90DD-4710-BDE0-615629C960DE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DA0926B8-6336-47A2-8D02-656C04CE8D07} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DA4D6225-9D43-4C67-87C5-AA33E3DAF9AF} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DA5B98E2-36BC-4A4B-98A9-1FE0C664B7B9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DACA079B-8E69-44D1-A851-F2C8FF8934B9} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DB1ECD31-B616-40B4-BD1C-A9B4E42F94D3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DC5502F7-BA39-4258-967D-541F9BD09BB8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DCA38708-69E9-4D78-BD72-70035B8E1271} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{DD3D75CB-09F3-478E-B999-035782758598} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E23E50B3-80AC-4E41-A883-994BCA6356C3} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E2D89C01-B487-4E9D-95F7-DC1B69090C20} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E432E2FC-CC5E-44E8-86F4-E77D8381A67B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E447CEBE-01B5-4855-A93A-A9EEB85B6314} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E48EE27C-81A5-4901-8409-14911F163F19} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E4F0C354-966A-4C23-92F2-6D0506ED0C16} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E5F3550B-0792-4B2F-9B1C-4CE8EE37E632} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E78FB9B1-4E8E-44D6-928E-7666397B5BBD} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E97B3674-55A5-4C6B-993A-56EB6D12B70D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{E9E7566B-895E-43EC-AF9A-A1636676C999} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{ED00192D-FB33-4E68-9E8E-2B2F224D4289} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{ED9C2EE4-5100-442F-9FDC-896924868C36} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{EE54F8A7-4832-4296-88F5-5F4D46B5A287} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{EED9BB0C-F723-4CB5-AC5C-8891ABF3D09B} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F040517D-DB40-42A7-83B5-232E2CD80E03} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F0A26650-C224-4FE0-BE7D-2D6AC370B495} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F147A653-9FA7-4E0C-ABC4-D96EC7E4E3DE} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F1C3B93C-B8D1-4013-AAA1-E6A3EFF9359F} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F2D60633-8D56-4059-8507-E112FDB2F138} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F37A5F12-BF62-48F0-B599-4C641FF65BA6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F4E5F50C-3DD6-45C4-8EBF-E81C0888E27D} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F654117D-D165-4AFB-871A-B27AD69102F2} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F7D50DE4-D065-4B72-A94A-7FEC5226C1CA} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F8885050-CF7A-4E12-B2AB-F81919294AD0} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F94ED65D-A59E-42F8-98C8-7F906226552A} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F9A1B32B-2D48-4927-B688-E54EBA6358E6} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{F9A67A3C-CFC0-401B-9151-4F9CBAE88965} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FAB4918B-6E0B-4BCE-960C-782650B700A8} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FAC9A3C5-24B0-449E-B148-0E2A07E5505C} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FC0F9807-521F-42C5-AD7C-F09C57B40429} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FC8D4482-F5B8-460F-B2C5-EF76A2172570} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FCF7F047-09FB-47D2-B5D0-EE51B23A1695} Successfully deleted: [Empty Folder] C:\Users\Dario\appdata\local\{FED7B67C-70AD-4FEA-9E95-B176DE41835F} ~~~ FireFox Successfully deleted: [Folder] C:\Users\Dario\AppData\Roaming\mozilla\firefox\profiles\z374b044.default\extensions\toolbar@gmx.net Emptied folder: C:\Users\Dario\AppData\Roaming\mozilla\firefox\profiles\z374b044.default\minidumps [143 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 02.10.2014 at 10:35:30,41 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Seit der Ausführung der Programme, kommt es mir so vor als wäre mein Internet lamgsamer (bekommen immer die Meldung ob das PlugIn weiter ausgeführt werden soll) und der Intel RST Service läuft nicht. Kann das damit zusammenhängen? |
03.10.2014, 11:19 | #8 |
/// the machine /// TB-Ausbilder | Programme haben keinen InternetzugriffESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
03.10.2014, 14:55 | #9 |
| Programme haben keinen Internetzugriff Eset läd die Komponenten nicht runter und lässt sich dementsprechent nicht starten. Das spiegelt quasi das eigentliche Problem wieder, denn die Programme verbinden sich nicht mit dem Internet. Was soll ich nun tun? |
04.10.2014, 13:53 | #10 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff Poste mal bitte ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
04.10.2014, 15:06 | #11 |
| Programme haben keinen Internetzugriff Hier mal ein frisches FRST log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02 Ran by Dario (administrator) on DARIO-VAIO on 04-10-2014 16:01:45 Running from C:\Users\Dario\Desktop\Neuer Ordner Loaded Profile: Dario (Available profiles: Dario) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Spotify Ltd) C:\Users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation) HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-06-24] (F-Secure Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3810040113-3366235107-2524779152-1000\...\Run: [Spotify Web Helper] => C:\Users\Dario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-21] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {791387CC-FD3D-4649-A362-23DEFED0F29D} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {C909D0DC-BB0B-4692-8A78-5DFC11EE1066} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} SearchScopes: HKCU - {CCFDB796-99E0-4AE7-B5CC-B72FBA91483C} URL = hxxp://de.shopping.com/?linkin_id=8056363 BHO: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF Homepage: google.de FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: GMX MailCheck - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\toolbar@gmx.net [2014-10-02] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-21] FF Extension: ProxMate - Proxy on steroids! - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-01-29] FF Extension: Adblock Plus - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\z374b044.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-21] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [{67f11f70-7bb7-45c0-a1e4-94f2927b46df}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-09-25] FF HKCU\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\Dario\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn FF Extension: F-Secure Search - C:\Users\Dario\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn [2014-09-25] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-06-24] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-09-25] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-09-25] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2014-09-25] () R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-09-25] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-06-24] () S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed] S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed] S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed] S3 VBTUSB; C:\Windows\System32\Drivers\VBTUSB.sys [14848 2010-06-17] (Sony Corporation) [File not signed] S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-03 15:38 - 2014-10-03 15:38 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-03 15:32 - 2014-10-03 15:32 - 02347384 _____ (ESET) C:\Users\Dario\Desktop\esetsmartinstaller_deu.exe 2014-10-03 15:32 - 2014-10-03 15:32 - 00854417 _____ () C:\Users\Dario\Desktop\SecurityCheck.exe 2014-10-02 10:28 - 2014-10-02 10:28 - 00000000 ____D () C:\Windows\ERUNT 2014-10-02 10:21 - 2014-10-02 10:22 - 00000000 ____D () C:\AdwCleaner 2014-10-02 09:59 - 2014-10-02 09:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-02 09:58 - 2014-10-02 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-02 09:58 - 2014-10-02 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-02 09:58 - 2014-10-02 09:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-02 09:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-02 09:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-02 09:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-02 09:45 - 2014-10-04 16:01 - 00000000 ____D () C:\Users\Dario\Desktop\Neuer Ordner 2014-09-30 17:03 - 2014-09-30 17:16 - 00000000 ____D () C:\Qoobox 2014-09-30 17:03 - 2014-09-30 17:15 - 00000000 ____D () C:\Windows\erdnt 2014-09-30 17:03 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-09-30 17:03 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-09-30 17:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-09-30 17:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-09-30 17:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-09-30 17:03 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-09-30 17:03 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-09-30 17:03 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-09-29 19:04 - 2014-10-04 16:01 - 00000000 ____D () C:\FRST 2014-09-28 23:19 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-28 23:19 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-09-28 23:19 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-09-28 23:15 - 2014-09-28 23:15 - 00182912 _____ () C:\Windows\msxml4-KB2758694-deu.LOG 2014-09-28 22:50 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-09-28 22:47 - 2014-09-28 22:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-28 22:47 - 2014-09-28 22:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-28 22:47 - 2014-09-28 22:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-28 22:47 - 2014-09-28 22:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-28 22:47 - 2014-09-28 22:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-09-28 22:47 - 2014-09-28 22:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-09-28 22:47 - 2014-09-28 22:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-09-28 22:47 - 2014-09-28 22:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-09-28 22:47 - 2014-09-28 22:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-09-28 22:47 - 2014-09-28 22:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-09-28 22:47 - 2014-09-28 22:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-09-28 22:47 - 2014-09-28 22:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-09-28 22:47 - 2014-09-28 22:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-28 21:29 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-09-28 21:29 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-09-28 21:24 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-09-28 21:10 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-28 21:10 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-28 21:10 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-09-28 21:10 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-09-28 21:10 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-09-28 21:10 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-09-28 21:10 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-09-28 21:10 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-09-28 21:10 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-09-28 21:10 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-09-28 21:10 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-28 21:10 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-09-28 21:10 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-09-28 21:10 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-09-28 21:10 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-28 21:10 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-09-28 21:10 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-09-28 21:10 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-09-28 21:10 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-09-28 21:10 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-09-28 21:10 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-09-28 21:10 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-09-28 21:10 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-09-28 21:10 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-09-28 21:10 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-09-28 21:10 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-09-28 21:10 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-09-28 21:10 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-09-28 21:10 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-09-28 21:10 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-09-28 21:10 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-09-28 21:10 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-28 21:10 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-28 21:01 - 2014-09-28 22:50 - 00035949 _____ () C:\Windows\IE11_main.log 2014-09-28 20:27 - 2014-09-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-28 20:27 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\Program Files\iTunes 2014-09-28 20:26 - 2014-09-28 20:27 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-28 20:26 - 2014-09-28 20:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Program Files\iPod 2014-09-28 20:26 - 2014-09-28 20:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files\Bonjour 2014-09-28 20:25 - 2014-09-28 20:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-09-25 09:04 - 2014-10-04 11:28 - 00003394 _____ () C:\Windows\System32\Tasks\Scheduled scanning task 2014-09-25 09:04 - 2014-10-04 11:28 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-09-25 08:51 - 2014-09-25 08:59 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-09-25 08:51 - 2014-09-25 08:51 - 00000657 _____ () C:\Windows\fsav_db_setup.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00895110 _____ () C:\Windows\FSSFM.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00804919 _____ () C:\Windows\FSSETUP.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00136077 _____ () C:\Windows\FSPROD.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00088489 _____ () C:\Windows\RunSetup.log 2014-09-25 08:50 - 2014-09-25 08:51 - 00070706 _____ () C:\Windows\FSAVINST.LOG 2014-09-25 08:50 - 2014-09-25 08:51 - 00009874 _____ () C:\Windows\FSAVCSIN.LOG 2014-09-25 08:50 - 2014-09-25 08:51 - 00004230 _____ () C:\Windows\fstnbins.LOG 2014-09-25 08:50 - 2014-09-25 08:50 - 00019328 _____ () C:\Windows\fspplugin.log 2014-09-25 08:48 - 2014-09-25 08:49 - 00000000 ____D () C:\Program Files (x86)\F-Secure 2014-09-25 08:48 - 2014-09-25 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure 2014-09-24 23:30 - 2014-10-02 10:23 - 00726622 _____ () C:\Windows\PFRO.log 2014-09-24 21:21 - 2014-09-25 08:41 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-24 21:19 - 2014-09-25 08:51 - 04131916 _____ () C:\Windows\FSISU.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00384340 _____ () C:\Windows\FSDEPH.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00008327 _____ () C:\Windows\FSGKIAIN.log 2014-09-24 21:19 - 2014-09-25 08:51 - 00003632 _____ () C:\Windows\FSLDIN.LOG 2014-09-24 21:19 - 2014-09-25 08:51 - 00003355 _____ () C:\Windows\fsavunin.log 2014-09-24 21:19 - 2014-09-24 21:20 - 00263127 _____ () C:\Windows\FSUNINST.log 2014-09-24 21:19 - 2014-09-24 21:20 - 00013582 _____ () C:\Windows\uninstaller.log 2014-09-24 21:19 - 2014-09-24 21:19 - 00000812 _____ () C:\Windows\daasunin.LOG 2014-09-24 21:19 - 2014-09-24 21:19 - 00000070 _____ () C:\Windows\fsavunin_2.log 2014-09-21 09:28 - 2014-09-25 09:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-21 09:14 - 2014-10-02 19:12 - 00000063 _____ () C:\Users\Dario\Desktop\ib.txt 2014-09-11 15:33 - 2014-09-11 15:33 - 00008863 _____ () C:\Users\Dario\.recently-used.xbel 2014-09-06 14:41 - 2014-10-02 14:41 - 00000000 ____D () C:\Users\Dario\Desktop\Bewerbung NEU ab 2014 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-04 15:58 - 2014-08-16 15:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-04 14:25 - 2014-08-09 09:27 - 00008538 _____ () C:\Windows\setupact.log 2014-10-04 13:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-04 11:38 - 2010-11-25 19:40 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{737607F8-836A-4C0C-B675-CAA71288B56F} 2014-10-04 11:36 - 2010-11-25 19:27 - 01200901 _____ () C:\Windows\WindowsUpdate.log 2014-10-04 11:36 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-04 11:36 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-04 11:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-30 17:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-09-30 17:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-09-28 23:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-28 23:24 - 2009-07-14 06:45 - 00443352 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-28 23:05 - 2010-07-12 22:26 - 00000000 ____D () C:\Windows\Panther 2014-09-28 23:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-09-28 22:10 - 2010-07-31 01:24 - 00703340 _____ () C:\Windows\system32\perfh007.dat 2014-09-28 22:10 - 2010-07-31 01:24 - 00151766 _____ () C:\Windows\system32\perfc007.dat 2014-09-28 22:10 - 2009-07-14 07:13 - 01631944 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-28 22:07 - 2013-05-15 19:51 - 00000000 ___RD () C:\Users\Dario\Dropbox 2014-09-28 22:06 - 2013-05-15 19:46 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Dropbox 2014-09-28 21:17 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-09-28 21:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-09-28 20:26 - 2010-12-28 19:08 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-09-28 20:25 - 2010-12-28 19:07 - 00000000 ____D () C:\ProgramData\Apple 2014-09-25 18:23 - 2012-05-02 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-25 08:52 - 2014-04-10 21:40 - 00000000 ____D () C:\Users\Dario\AppData\Local\F-Secure 2014-09-25 08:52 - 2012-12-10 14:49 - 00000000 ____D () C:\ProgramData\F-Secure 2014-09-25 08:51 - 2012-12-10 15:01 - 00020560 _____ () C:\Windows\prodsett_copy.ini 2014-09-24 23:38 - 2014-03-26 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-24 13:43 - 2013-01-27 18:46 - 00000000 ____D () C:\Users\Dario\AppData\Local\Spotify 2014-09-24 13:43 - 2013-01-27 18:12 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Spotify 2014-09-15 16:00 - 2011-07-20 21:12 - 00000000 ____D () C:\Users\Dario\Documents\Bewerbung Dario_NICHT LÖSCHEN 2014-09-13 13:29 - 2011-11-04 17:46 - 00000000 ____D () C:\Users\Dario\Documents\Uni 2014-09-11 16:29 - 2011-12-23 17:34 - 00000000 ____D () C:\Users\Dario\.gimp-2.6 2014-09-11 15:33 - 2010-11-25 19:37 - 00000000 ____D () C:\Users\Dario 2014-09-11 11:19 - 2011-12-23 17:35 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\gtk-2.0 2014-09-11 08:37 - 2011-10-13 18:52 - 00000000 ____D () C:\Users\Dario\Documents\Angebote 2014-09-10 09:52 - 2013-04-12 20:25 - 00346787 _____ () C:\test.xml 2014-09-10 09:32 - 2014-08-16 15:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-10 09:31 - 2014-08-16 15:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 09:31 - 2014-08-16 15:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-29 10:10 ==================== End Of Log ============================ |
05.10.2014, 11:05 | #12 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff Sieht eigentlich gut aus. Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
Deinstalliere mal F-Secure und teste die INetverbindung nochmal.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
05.10.2014, 21:23 | #13 |
| Programme haben keinen Internetzugriff habe jetzt zwei MiniToolBox scans durchgeführt. Der Erste ist noch mit F-Secure und der Zweite nach der Deinstalation von F-Secure durchgeführt worden. (P.S. auch nach der Deinstalation von F-Secure, hat Windows Update keine Verbindung zum Internet bekommen) Code:
ATTFilter MiniToolBox by Farbar Version: 21-07-2014 Ran by Dario (administrator) on 05-10-2014 at 20:16:50 Running from "C:\Users\Dario\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Aufl�sungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "network.proxy.autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com')%20%7B%20return%20'PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" "network.proxy.type", 2 "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Atheros AR9285 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected) Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = LAN-Verbindung 4 (Hardware not present) Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = LAN-Verbindung (Media disconnected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled set interface interface="LAN-Verbindung 4" forwarding=enabled advertise=enabled metric=1 nud=enabled set subinterface interface=?3 subinterface=ethernet_6 mtu=1477 popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : Dario-VAIO Prim�res DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Gemischt IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : vpn.uni-hamburg.de vpn-intern.uni-hamburg.de.local Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung: Verbindungsspezifisches DNS-Suffix: localdomain Beschreibung. . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter Physikalische Adresse . . . . . . : 78-DD-08-BC-4B-22 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::b4ef:61f4:a844:8305%11(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.1.33(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Sonntag, 5. Oktober 2014 20:05:47 Lease l�uft ab. . . . . . . . . . : Sonntag, 12. Oktober 2014 20:05:42 Standardgateway . . . . . . . . . : 192.168.1.1 DHCP-Server . . . . . . . . . . . : 192.168.1.1 DHCPv6-IAID . . . . . . . . . . . : 352331358 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-80-45-EE-54-42-49-E0-F2-D4 DNS-Server . . . . . . . . . . . : 192.168.1.1 NetBIOS �ber TCP/IP . . . . . . . : Aktiviert Ethernet-Adapter LAN-Verbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller Physikalische Adresse . . . . . . : 54-42-49-E0-F2-D4 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Tunneladapter isatap.localdomain: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: localdomain Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter Teredo Tunneling Pseudo-Interface: Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6abd:3c:35aa:b1c9:8873(Bevorzugt) Verbindungslokale IPv6-Adresse . : fe80::3c:35aa:b1c9:8873%16(Bevorzugt) Standardgateway . . . . . . . . . : :: NetBIOS �ber TCP/IP . . . . . . . : Deaktiviert Server: alice.box Address: 192.168.1.1 Name: google.com Addresses: 2a00:1450:4005:808::1007 173.194.113.174 173.194.113.168 173.194.113.164 173.194.113.169 173.194.113.162 173.194.113.165 173.194.113.160 173.194.113.167 173.194.113.163 173.194.113.161 173.194.113.166 Ping wird ausgef�hrt f�r google.com [173.194.113.166] mit 32 Bytes Daten: Antwort von 173.194.113.166: Bytes=32 Zeit=33ms TTL=57 Antwort von 173.194.113.166: Bytes=32 Zeit=44ms TTL=57 Ping-Statistik f�r 173.194.113.166: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 33ms, Maximum = 44ms, Mittelwert = 38ms Server: alice.box Address: 192.168.1.1 Name: yahoo.com Addresses: 98.138.253.109 98.139.183.24 206.190.36.45 Ping wird ausgef�hrt f�r yahoo.com [206.190.36.45] mit 32 Bytes Daten: Antwort von 206.190.36.45: Bytes=32 Zeit=249ms TTL=47 Antwort von 206.190.36.45: Bytes=32 Zeit=209ms TTL=47 Ping-Statistik f�r 206.190.36.45: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 209ms, Maximum = 249ms, Mittelwert = 229ms Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Ping-Statistik f�r 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 11...78 dd 08 bc 4b 22 ......Atheros AR9285 Wireless Network Adapter 10...54 42 49 e0 f2 d4 ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller 1...........................Software Loopback Interface 1 20...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.33 25 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 192.168.1.0 255.255.255.0 Auf Verbindung 192.168.1.33 281 192.168.1.33 255.255.255.255 Auf Verbindung 192.168.1.33 281 192.168.1.255 255.255.255.255 Auf Verbindung 192.168.1.33 281 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.1.33 281 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.1.33 281 =========================================================================== St�ndige Routen: Keine IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 16 58 ::/0 Auf Verbindung 1 306 ::1/128 Auf Verbindung 16 58 2001::/32 Auf Verbindung 16 306 2001:0:9d38:6abd:3c:35aa:b1c9:8873/128 Auf Verbindung 11 281 fe80::/64 Auf Verbindung 16 306 fe80::/64 Auf Verbindung 16 306 fe80::3c:35aa:b1c9:8873/128 Auf Verbindung 11 281 fe80::b4ef:61f4:a844:8305/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 16 306 ff00::/8 Auf Verbindung 11 281 ff00::/8 Auf Verbindung =========================================================================== St�ndige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation) x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (10/05/2014 08:16:10 PM) (Source: CVHSVC) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (10/05/2014 08:13:30 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (User: ) Description: 2 2014-10-05 20:13:30+02:00 DARIO-VAIO SYSTEM F-Secure DeepGuard Application was blocked. This was determined to be a high-risk application by system control heuristics. Application path: \\?\c:\users\dario\desktop\minitoolbox.exe File hash: 86e47b9890119b3e888adbca6acc86cf9678846a Error: (10/05/2014 08:13:01 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (User: ) Description: 1 2014-10-05 20:13:01+02:00 DARIO-VAIO SYSTEM F-Secure DeepGuard Application was blocked. This was determined to be a high-risk application by system control heuristics. Application path: \\?\c:\users\dario\desktop\minitoolbox.exe File hash: 86e47b9890119b3e888adbca6acc86cf9678846a Error: (10/05/2014 08:05:57 PM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E88} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). Error: (10/05/2014 08:05:57 PM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E88} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.5139.5005.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194). Error: (10/04/2014 11:38:46 AM) (Source: CVHSVC) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (10/04/2014 11:28:25 AM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E6C} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). Error: (10/04/2014 11:28:25 AM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E6C} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.5139.5005.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194). Error: (10/03/2014 03:57:47 PM) (Source: CVHSVC) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. Error: (10/03/2014 03:47:27 PM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=106C} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). System errors: ============= Error: (10/02/2014 09:19:39 PM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "F-Secure Dll Hoster" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (10/02/2014 09:19:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/02/2014 01:32:38 PM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "F-Secure Dll Hoster" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (10/02/2014 01:32:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-30 17:13:43.061 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-30 17:13:42.921 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-12-28 15:38:34.359 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.289 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.219 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.119 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.893 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.850 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.808 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) =========================== Installed Programs ============================ Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.) AMD Accelerated Video Transcoding (Version: 13.30.100.40312 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0312.1131.18796 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft) ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.390 - ArcSoft) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Cisco AnyConnect VPN Client (HKLM-x32\...\{44257960-C5CC-45BA-8E83-524E4A0F3FD5}) (Version: 2.5.3054 - Cisco Systems, Inc.) Color Efex Pro 3.0 Standard (HKLM-x32\...\Color Efex Pro 3.0 Stand-Alone Standard) (Version: 3.1.0.9 - Nik Software, Inc.) Computer Security 14.115.100.0 (release) (x32 Version: 14.115.100.0 - F-Secure Corporation) Hidden Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.538 - Corel Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.) Free YouTube to MP3 Converter version 3.10.5.722 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.) F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation) F-Secure (x32 Version: 2.15.358.0 - F-Secure Corporation) Hidden F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.) Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation) VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation) VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.4.2 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation) VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ========================= Memory info: =================================== Percentage of memory in use: 39% Total physical RAM: 3950.1 MB Available physical RAM: 2377.76 MB Total Pagefile: 7898.38 MB Available Pagefile: 5809.55 MB Total Virtual: 4095.88 MB Available Virtual: 3976.02 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:452.23 GB) (Free:359.88 GB) NTFS ========================= Users: ======================================== Benutzerkonten fr \\DARIO-VAIO Administrator Dario Gast Der Befehl wurde erfolgreich ausgefhrt. ========================= Minidump Files ================================== No minidump file found **** End of log **** Code:
ATTFilter MiniToolBox by Farbar Version: 21-07-2014 Ran by Dario (administrator) on 05-10-2014 at 22:02:28 Running from "C:\Users\Dario\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Aufl�sungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "network.proxy.autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com')%20%7B%20return%20'PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" "network.proxy.type", 2 "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Atheros AR9285 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected) Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = LAN-Verbindung 4 (Hardware not present) Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = LAN-Verbindung (Media disconnected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled set interface interface="LAN-Verbindung 4" forwarding=enabled advertise=enabled metric=1 nud=enabled set subinterface interface=?(. subinterface=ethernet_6 mtu=1477 popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : Dario-VAIO Prim�res DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Gemischt IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : vpn.uni-hamburg.de vpn-intern.uni-hamburg.de.local Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung: Verbindungsspezifisches DNS-Suffix: localdomain Beschreibung. . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter Physikalische Adresse . . . . . . : 78-DD-08-BC-4B-22 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::b4ef:61f4:a844:8305%11(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.1.33(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Sonntag, 5. Oktober 2014 21:37:19 Lease l�uft ab. . . . . . . . . . : Sonntag, 12. Oktober 2014 22:00:32 Standardgateway . . . . . . . . . : 192.168.1.1 DHCP-Server . . . . . . . . . . . : 192.168.1.1 DHCPv6-IAID . . . . . . . . . . . : 352331358 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-80-45-EE-54-42-49-E0-F2-D4 DNS-Server . . . . . . . . . . . : fd00::9ec7:a6ff:fef6:e74 192.168.1.1 NetBIOS �ber TCP/IP . . . . . . . : Aktiviert Ethernet-Adapter LAN-Verbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller Physikalische Adresse . . . . . . : 54-42-49-E0-F2-D4 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Tunneladapter isatap.localdomain: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: localdomain Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter Teredo Tunneling Pseudo-Interface: Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fb:c37:136:b1c9:8873(Bevorzugt) Verbindungslokale IPv6-Adresse . : fe80::c37:136:b1c9:8873%16(Bevorzugt) Standardgateway . . . . . . . . . : :: NetBIOS �ber TCP/IP . . . . . . . : Deaktiviert DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: fd00::9ec7:a6ff:fef6:e74 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. Ping wird ausgef�hrt f�r google.com [173.194.113.174] mit 32 Bytes Daten: Antwort von 173.194.113.174: Bytes=32 Zeit=32ms TTL=57 Antwort von 173.194.113.174: Bytes=32 Zeit=98ms TTL=57 Ping-Statistik f�r 173.194.113.174: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 32ms, Maximum = 98ms, Mittelwert = 65ms DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: fd00::9ec7:a6ff:fef6:e74 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. Ping wird ausgef�hrt f�r yahoo.com [206.190.36.45] mit 32 Bytes Daten: Antwort von 206.190.36.45: Bytes=32 Zeit=265ms TTL=47 Antwort von 206.190.36.45: Bytes=32 Zeit=269ms TTL=47 Ping-Statistik f�r 206.190.36.45: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 265ms, Maximum = 269ms, Mittelwert = 267ms Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Ping-Statistik f�r 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 11...78 dd 08 bc 4b 22 ......Atheros AR9285 Wireless Network Adapter 10...54 42 49 e0 f2 d4 ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller 1...........................Software Loopback Interface 1 21...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.33 25 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 192.168.1.0 255.255.255.0 Auf Verbindung 192.168.1.33 281 192.168.1.33 255.255.255.255 Auf Verbindung 192.168.1.33 281 192.168.1.255 255.255.255.255 Auf Verbindung 192.168.1.33 281 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.1.33 281 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.1.33 281 =========================================================================== St�ndige Routen: Keine IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 16 58 ::/0 Auf Verbindung 1 306 ::1/128 Auf Verbindung 16 58 2001::/32 Auf Verbindung 16 306 2001:0:5ef5:79fb:c37:136:b1c9:8873/128 Auf Verbindung 11 281 fe80::/64 Auf Verbindung 16 306 fe80::/64 Auf Verbindung 16 306 fe80::c37:136:b1c9:8873/128 Auf Verbindung 11 281 fe80::b4ef:61f4:a844:8305/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 16 306 ff00::/8 Auf Verbindung 11 281 ff00::/8 Auf Verbindung =========================================================================== St�ndige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation) x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (10/05/2014 09:47:24 PM) (Source: CVHSVC) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error: (10/05/2014 09:37:25 PM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=D4C} Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194). Error: (10/05/2014 09:37:25 PM) (Source: Application Virtualization Client) (User: ) Description: {hap=12:app=OfficeVirt 9014006604070000:tid=D4C} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.5139.5005.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194). Error: (10/05/2014 09:35:27 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/05/2014 09:35:23 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/05/2014 09:35:23 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/05/2014 08:48:39 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1111756 Error: (10/05/2014 08:48:39 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1111756 Error: (10/05/2014 08:48:39 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/05/2014 08:48:38 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1110758 System errors: ============= Error: (10/02/2014 09:19:39 PM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "F-Secure Dll Hoster" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (10/02/2014 09:19:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/02/2014 01:32:38 PM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "F-Secure Dll Hoster" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (10/02/2014 01:32:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-30 17:13:43.061 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-30 17:13:42.921 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-12-28 15:38:34.359 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.289 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.219 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-28 15:38:34.119 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.893 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.850 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-03-15 16:34:48.808 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) =========================== Installed Programs ============================ Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.) AMD Accelerated Video Transcoding (Version: 13.30.100.40312 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0312.1131.18796 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft) ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.390 - ArcSoft) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Cisco AnyConnect VPN Client (HKLM-x32\...\{44257960-C5CC-45BA-8E83-524E4A0F3FD5}) (Version: 2.5.3054 - Cisco Systems, Inc.) Color Efex Pro 3.0 Standard (HKLM-x32\...\Color Efex Pro 3.0 Stand-Alone Standard) (Version: 3.1.0.9 - Nik Software, Inc.) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.538 - Corel Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.) Free YouTube to MP3 Converter version 3.10.5.722 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.) Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation) VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation) VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.4.2 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation) VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ========================= Memory info: =================================== Percentage of memory in use: 32% Total physical RAM: 3950.1 MB Available physical RAM: 2675.81 MB Total Pagefile: 7898.38 MB Available Pagefile: 6404.53 MB Total Virtual: 4095.88 MB Available Virtual: 3977.63 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:452.23 GB) (Free:360.92 GB) NTFS ========================= Users: ======================================== Benutzerkonten fr \\DARIO-VAIO Administrator Dario Gast Der Befehl wurde erfolgreich ausgefhrt. ========================= Minidump Files ================================== No minidump file found **** End of log **** |
06.10.2014, 18:30 | #14 |
/// the machine /// TB-Ausbilder | Programme haben keinen Internetzugriff Also Pings gehen durch. Jetzt bite mal folgendes: Router 30 min vom Strom nehmen. Browser öffnen, eine beliebige Seite ansurfen, geht das? AV updaten, geht das? Windows updaten, geht das?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
06.10.2014, 19:39 | #15 |
| Programme haben keinen Internetzugriff Leider hat das nicht geklappt :/ vielen Dank für deine Hilfe, ich gebe die Hoffnung schon langsam auf. Vielleicht fällt Dir ja noch was ein... |