fensterkreuz | 11.02.2015 13:50 | Hello cosinus!
Thanks for your reply and for taking on this topic!
Regarding the detections, I refer to the first thread. The reports from Ad-Aware and Avira show several detections; besides the many "bad" cookies, the following are named explicitly:
- ThreatName="Exploit.TIFF.Gen"
- ThreatName="Java.Trojan.Downloader.OpenConnection.AN"
- [FUND] Ist das Trojanische Pferd TR/Agent.451.1
- [FUND] Enthält Erkennungsmuster des Exploits EXP/Pidief.ard
Ad-Aware now reports no findings.
In addition, I now have something from Malwarebytes to show. Unfortunately, the generated reports only show updates, and so far I have not found a function for exporting detections: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 09.02.2015 11:51:17, SYSTEM, PHILIPP-VAIO, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 09.02.2015 11:51:56, SYSTEM, PHILIPP-VAIO, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Error, 09.02.2015 12:54:48, SYSTEM, PHILIPP-VAIO, Manual, 0,
Update, 09.02.2015 12:54:48, SYSTEM, PHILIPP-VAIO, Manual, Malware Database, Failed, Unable to access update server, 2014.11.20.6, 2015.2.9.4,
Update, 09.02.2015 12:57:08, SYSTEM, PHILIPP-VAIO, Manual, Malware Database, 2014.11.20.6, 2015.2.9.5,
Update, 09.02.2015 16:26:11, SYSTEM, PHILIPP-VAIO, Manual, Malware Database, 2015.2.9.5, 2015.2.9.6,
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 11.02.2015 05:38:17, SYSTEM, PHILIPP-VAIO, Manual, Malware Database, 2015.2.9.6, 2015.2.11.2,
(end)
Therefore, here is a screenshot of the objects that Malwarebytes moved to quarantine: http://fs1.directupload.net/images/150211/co38v522.jpg
The scan with FRST produced the following:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015
Ran by Philipp (administrator) on PHILIPP-VAIO on 11-02-2015 13:36:09
Running from C:\Users\Philipp\Desktop
Loaded Profiles: Philipp (Available profiles: Philipp)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-10] (Spotify Ltd)
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-10] (Spotify Ltd)
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\MountPoints2: {21882aa0-a746-11e0-8715-0024be3edfb2} - D:\SETUP.EXE
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\MountPoints2: {2bdf11bc-a241-11e3-a946-0026436f00dc} - H:\LaunchU3.exe -a
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\MountPoints2: {57818b41-b50e-11e0-82d5-806e6f6e6963} - G:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/home
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/home
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByCyEtAyC0FtDtD0D0CyC0CzyyDtN0D0Tzu0CyEyCtCtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1604020200&ir=
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByCyEtAyC0FtDtD0D0CyC0CzyyDtN0D0Tzu0CyEyCtCtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1604020200&ir=
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByCyEtAyC0FtDtD0D0CyC0CzyyDtN0D0Tzu0CyEyCtCtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1604020200&ir=
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByCyEtAyC0FtDtD0D0CyC0CzyyDtN0D0Tzu0CyEyCtCtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1604020200&ir=
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> DefaultScope {57F52502-BDED-FDD7-0423-6082F8A06F93} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {10740E9E-D0A0-40E6-96CD-FB8CD206656C} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {57F52502-BDED-FDD7-0423-6082F8A06F93} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {61C9CA60-FDF7-4486-A7F3-119C3435378B} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {71477CCD-BFF5-49B0-A38F-81E56D105462} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {95C4A661-5FBB-4174-BE25-EF47E3B41180} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByCyEtAyC0FtDtD0D0CyC0CzyyDtN0D0Tzu0CyEyCtCtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1604020200&ir=
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {9ED2C43A-B711-41A9-828F-A0FB125F4620} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=18
SearchScopes: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> {F552487D-6416-4302-84A8-018BB61CBD6C} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-3325936630-1017222350-922930496-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {28B66320-9687-4B13-8757-36F901887AB5} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/canvasx.cab
DPF: HKLM-x32 {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\GnlWzHEK.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\GnlWzHEK.default\Extensions\abs@avira.com [2015-02-09]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-09]
Chrome:
=======
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-09]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-09]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-09]
CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-09]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] ()
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [312136 2010-09-27] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S4 .1258039498; C:\Program Files (x86)\1258039498\Philipp1258039498L.exe [X]
S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [X]
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe" [X]
S3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-11] (Malwarebytes Corporation)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-02-10] (Duplex Secure Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-10-09] (BitDefender S.R.L.)
U3 al783lyb; C:\Windows\System32\Drivers\al783lyb.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-11 13:36 - 2015-02-11 13:36 - 00020592 _____ () C:\Users\Philipp\Desktop\FRST.txt
2015-02-11 13:36 - 2015-02-11 13:36 - 00000000 ____D () C:\FRST
2015-02-11 13:35 - 2015-02-11 13:35 - 02133504 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2015-02-11 13:27 - 2015-02-11 13:27 - 00000164 _____ () C:\Users\Philipp\Desktop\MWB2.txt
2015-02-11 08:32 - 2015-02-11 08:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 06:15 - 2015-02-11 06:15 - 00000000 ____D () C:\Windows\system32\SPReview
2015-02-11 06:02 - 2015-02-04 04:04 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 06:02 - 2015-02-04 04:03 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 06:02 - 2015-02-04 04:03 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 06:02 - 2015-02-04 04:03 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 06:02 - 2015-02-04 04:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 06:02 - 2015-02-04 04:01 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 06:02 - 2015-01-28 00:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 06:02 - 2014-12-04 03:31 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 01:58 - 2015-02-11 08:33 - 00000168 _____ () C:\Windows\setupact.log
2015-02-11 01:58 - 2015-02-11 01:58 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-11 01:26 - 2015-02-11 13:27 - 00000691 _____ () C:\Users\Philipp\Desktop\MWB.txt
2015-02-11 01:23 - 2015-02-11 01:23 - 00006145 _____ () C:\Users\Philipp\Desktop\Ad-Aware_Report_Quick_Manual_2015-02-09T14-29-09.581356.xml
2015-02-11 01:22 - 2015-02-11 01:22 - 00000684 _____ () C:\Users\Philipp\Desktop\Ad-Aware_Report_Full_Manual_2015-02-09T21-42-17.355499.xml
2015-02-11 01:17 - 2015-02-11 01:19 - 00000660 _____ () C:\Users\Philipp\Desktop\Ad-Aware_Report_Full_Manual_2015-02-11T01-17-12.170316.xml
2015-02-10 23:08 - 2015-02-10 23:08 - 00001870 _____ () C:\Users\Philipp\Desktop\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a.manifest.old.txt
2015-02-10 22:18 - 2015-02-10 22:20 - 00000000 ____D () C:\Users\Philipp\Downloads\2008-SP1
2015-02-10 22:13 - 2015-02-10 22:17 - 00000000 ____D () C:\Users\Philipp\Downloads\2010_SP1
2015-02-10 22:11 - 2015-02-10 22:12 - 00000000 ____D () C:\Users\Philipp\Downloads\2010
2015-02-10 22:08 - 2015-02-10 22:23 - 00000000 ____D () C:\Users\Philipp\Downloads\2005
2015-02-10 22:07 - 2015-02-10 22:22 - 00000000 ____D () C:\Users\Philipp\Downloads\2008
2015-02-10 22:02 - 2015-02-10 23:04 - 00000000 ____D () C:\Users\Philipp\Downloads\2005_SP1
2015-02-10 21:59 - 2015-02-10 22:13 - 00000000 ____D () C:\Users\Philipp\Downloads\VCREDIST
2015-02-10 21:59 - 2015-02-10 22:04 - 00000000 ____D () C:\Users\Philipp\Downloads\2013
2015-02-10 21:43 - 2015-02-10 23:12 - 00001867 _____ () C:\Users\Philipp\Desktop\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a.manifest
2015-02-10 21:43 - 2011-06-17 02:00 - 00007318 _____ () C:\Users\Philipp\Desktop\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a.cat
2015-02-10 21:23 - 2015-02-10 21:21 - 00000810 _____ () C:\Users\Philipp\Desktop\CheckSUR (2).log
2015-02-10 20:38 - 2015-02-10 18:33 - 00000810 _____ () C:\Users\Philipp\Desktop\CheckSUR.log
2015-02-10 19:44 - 2015-02-10 19:44 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2015-02-10 19:43 - 2015-02-10 19:43 - 00003074 _____ () C:\Windows\System32\Tasks\{EBDF7BBA-1E2A-4DF4-BDF0-B39EBBBD5912}
2015-02-10 19:28 - 2015-02-10 19:27 - 191993911 _____ () C:\Users\Philipp\Desktop\CBS.log
2015-02-10 18:52 - 2015-02-10 18:59 - 00000000 ____D () C:\Users\Philipp\AppData\Local\elfopatch
2015-02-10 18:00 - 2015-02-10 18:15 - 00000000 ___RD () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuerung
2015-02-10 16:31 - 2015-02-10 16:31 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\dvdcss
2015-02-10 16:30 - 2015-02-10 16:30 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-02-10 16:30 - 2015-02-10 16:30 - 00000000 ____D () C:\Users\Philipp\Corel
2015-02-10 16:30 - 2015-02-10 16:30 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Corel
2015-02-10 16:12 - 2010-01-25 08:37 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2015-02-10 16:12 - 2010-01-25 08:11 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2015-02-10 15:54 - 2015-02-10 15:55 - 00273920 _____ () C:\Windows\setup.log
2015-02-10 15:54 - 2015-02-10 15:54 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-02-10 15:53 - 2015-02-10 15:53 - 00000032 _____ () C:\Windows\UninstDVD8.log
2015-02-10 15:51 - 2015-02-10 16:52 - 00000000 ____D () C:\ProgramData\Corel
2015-02-10 15:02 - 2015-02-10 15:02 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-10 14:56 - 2015-02-11 13:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 14:56 - 2015-02-10 14:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-10 14:56 - 2015-02-10 14:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-10 14:56 - 2015-02-10 14:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-10 14:56 - 2015-02-10 14:56 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Macromedia
2015-02-10 14:52 - 2015-02-10 14:52 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-02-10 13:27 - 2015-02-10 13:27 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\PDF Architect 2
2015-02-10 13:26 - 2015-02-10 13:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\pdfforge
2015-02-10 13:26 - 2015-02-10 13:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\PDFCreator
2015-02-10 13:20 - 2015-02-10 19:46 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet und Kommunikation
2015-02-10 13:20 - 2015-02-10 19:39 - 00000000 ___RD () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Büro und Ähnliches
2015-02-10 13:20 - 2015-02-10 18:05 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sicherheit
2015-02-10 13:19 - 2015-02-10 19:46 - 00000000 ___RD () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimedia
2015-02-10 12:06 - 2015-02-10 12:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\InstallShield
2015-02-09 17:03 - 2015-02-09 17:03 - 00000000 ____D () C:\c9b1b4a0d29fea6a054f
2015-02-09 16:55 - 2015-02-09 16:55 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Intel
2015-02-09 16:54 - 2015-02-09 16:54 - 00000000 ____D () C:\ProgramData\Intel
2015-02-09 16:54 - 2015-02-09 16:54 - 00000000 ____D () C:\Program Files\Intel
2015-02-09 16:54 - 2015-02-09 16:54 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-02-09 16:54 - 2015-02-09 16:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-02-09 16:49 - 2015-02-09 16:51 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2015-02-09 16:49 - 2015-02-09 16:49 - 00000000 ____D () C:\Users\Philipp\Documents\PDF Architect 2
2015-02-09 16:47 - 2015-02-09 16:47 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-02-09 16:46 - 2015-02-09 16:46 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\pdfforge
2015-02-09 16:45 - 2015-02-09 16:53 - 00000000 ____D () C:\Program Files\PDFCreator
2015-02-09 16:45 - 2015-02-09 16:47 - 00114872 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-02-09 14:55 - 2015-02-09 14:55 - 00001147 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-02-09 14:29 - 2015-02-09 14:29 - 00000181 _____ () C:\Windows\WININIT.INI
2015-02-09 14:27 - 2015-02-09 14:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-09 14:27 - 2015-02-09 14:27 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Roxio Log Files
2015-02-09 14:25 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-02-09 14:25 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-02-09 14:25 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-02-09 14:25 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-02-09 14:25 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-02-09 14:25 - 2014-04-23 17:51 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2015-02-09 14:25 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-02-09 14:25 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-02-09 14:25 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-02-09 14:25 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-02-09 14:25 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-02-09 14:25 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-02-09 14:25 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-02-09 14:25 - 2014-02-06 11:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-02-09 14:25 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-02-09 14:25 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-09 14:25 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-02-09 14:25 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-02-09 14:25 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-02-09 14:25 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-02-09 14:25 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-02-09 14:25 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-02-09 14:25 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-02-09 14:25 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-02-09 14:25 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-02-09 14:25 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-02-09 14:25 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-02-09 14:25 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-02-09 14:25 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-02-09 14:25 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-02-09 14:25 - 2010-07-22 16:48 - 00074064 ____N (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-02-09 14:25 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-02-09 14:25 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-02-09 14:25 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-02-09 14:25 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-02-09 14:24 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-02-09 14:24 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-02-09 14:24 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-02-09 14:24 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-02-09 14:24 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-02-09 14:24 - 2014-04-10 12:19 - 00900696 ____N (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2015-02-09 14:24 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-02-09 14:24 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-09 14:24 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-02-09 14:24 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-02-09 14:24 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-09 14:24 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-02-09 14:24 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-02-09 14:24 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-02-09 14:24 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-02-09 14:24 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-02-09 14:24 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-02-09 14:23 - 2014-05-02 11:19 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2015-02-09 14:23 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-02-09 14:23 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-02-09 14:23 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-02-09 14:23 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-02-09 14:23 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-02-09 14:23 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-02-09 14:23 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-02-09 14:23 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-02-09 14:23 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-02-09 14:23 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-02-09 14:23 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-09 14:23 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-02-09 14:23 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-02-09 14:23 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-02-09 14:23 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-09 14:23 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-02-09 14:23 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-02-09 14:23 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-02-09 14:23 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-02-09 14:23 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-09 14:19 - 2012-06-05 13:45 - 00237968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtHDMIVX.sys
2015-02-09 14:19 - 2012-05-17 11:29 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64H.dll
2015-02-09 14:19 - 2012-05-17 11:29 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64H.dll
2015-02-09 14:19 - 2012-05-17 11:29 - 00141152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64H.dll
2015-02-09 14:19 - 2012-05-17 11:29 - 00123744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64H.dll
2015-02-09 14:19 - 2012-05-17 11:29 - 00074592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64H.dll
2015-02-09 14:19 - 2011-12-02 14:20 - 03746408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkHDM64.dll
2015-02-09 14:19 - 2011-09-27 14:04 - 02526824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RHDMEx64.dll
2015-02-09 14:19 - 2011-07-06 13:27 - 00092264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RHCoInst64.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00372056 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64H.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RH3DHT64.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RH3DAA64.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64H.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00097624 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64H.dll
2015-02-09 14:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64H.dll
2015-02-09 14:01 - 2015-02-10 22:02 - 00000000 ____D () C:\Users\Philipp\Downloads\Treiber
2015-02-09 13:46 - 2015-02-09 13:46 - 00000000 ____D () C:\Program Files\Lavasoft
2015-02-09 13:30 - 2015-02-10 16:32 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\vlc
2015-02-09 13:29 - 2015-02-09 13:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-02-09 13:22 - 2015-02-11 13:35 - 00000000 ____D () C:\Users\Philipp\Downloads\Sicherheit
2015-02-09 13:22 - 2015-02-10 19:42 - 00000000 ____D () C:\Users\Philipp\Downloads\Multimedia
2015-02-09 13:21 - 2015-02-10 19:45 - 00000000 ____D () C:\Users\Philipp\Downloads\Internet
2015-02-09 13:18 - 2015-02-09 13:18 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-09 13:18 - 2015-02-09 13:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-09 13:10 - 2015-02-09 13:10 - 00003312 _____ () C:\Windows\System32\Tasks\4907
2015-02-09 13:10 - 2015-02-09 13:10 - 00003224 _____ () C:\Windows\System32\Tasks\0
2015-02-09 13:08 - 2015-02-09 13:05 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-09 13:05 - 2015-02-09 13:05 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Avira
2015-02-09 13:03 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-09 13:03 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-09 13:03 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-09 12:32 - 2015-02-09 13:19 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Mozilla
2015-02-09 12:04 - 2015-02-09 12:04 - 00000000 ____D () C:\Windows\system32\IO
2015-02-09 11:50 - 2015-02-11 13:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-09 11:50 - 2015-02-09 11:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-09 11:50 - 2015-02-09 11:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-09 11:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-09 11:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-09 11:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-09 10:26 - 2015-02-09 13:03 - 00000000 ____D () C:\ProgramData\Avira
2015-02-09 10:26 - 2015-02-09 13:03 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-09 10:23 - 2015-02-11 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-09 10:05 - 2015-02-09 10:05 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\LavasoftStatistics
2015-02-09 09:03 - 2015-02-10 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 08:41 - 2015-02-09 08:41 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Lavasoft
2015-02-09 08:41 - 2015-02-09 08:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-02-09 08:33 - 2015-02-11 06:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-09 01:28 - 2014-09-15 01:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-09 01:02 - 2015-02-09 01:02 - 00000000 ____D () C:\ProgramData\Lavasoft
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-11 12:45 - 2009-10-21 17:34 - 01456562 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 12:43 - 2010-03-28 15:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-11 08:42 - 2009-07-14 05:45 - 00015760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 08:42 - 2009-07-14 05:45 - 00015760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 08:37 - 2012-03-26 20:52 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2015-02-11 08:36 - 2010-03-28 15:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 08:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 08:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-11 07:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 06:04 - 2009-11-15 09:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 06:04 - 2009-10-21 17:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-10 22:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-10 20:11 - 2012-02-06 19:34 - 00000000 ____D () C:\Windows\Minidump
2015-02-10 19:46 - 2010-03-28 15:46 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2015-02-10 19:44 - 2010-03-28 15:45 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-10 19:44 - 2009-10-21 18:02 - 00000000 ____D () C:\ProgramData\Skype
2015-02-10 19:42 - 2009-11-16 19:06 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2015-02-10 19:42 - 2009-11-16 19:06 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2015-02-10 19:21 - 2011-01-12 10:13 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2015-02-10 18:56 - 2009-11-12 16:25 - 00000000 ____D () C:\Users\Philipp
2015-02-10 18:41 - 2011-05-19 20:51 - 00793916 _____ () C:\Windows\PFRO.log
2015-02-10 18:02 - 2009-11-17 11:30 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele
2015-02-10 17:06 - 2011-01-12 10:14 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\elsterformular
2015-02-10 16:58 - 2009-11-12 16:25 - 00119880 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-10 16:56 - 2009-07-14 05:45 - 03046160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-10 16:25 - 2011-05-19 20:49 - 00000000 ____D () C:\Update
2015-02-10 16:01 - 2009-11-12 16:33 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Adobe
2015-02-10 15:53 - 2009-08-18 17:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 14:59 - 2009-10-21 17:31 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-10 14:56 - 2009-11-14 21:12 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Adobe
2015-02-10 14:53 - 2009-10-21 17:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-10 13:40 - 2009-11-12 16:33 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Google
2015-02-10 13:39 - 2009-10-21 17:41 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-10 12:05 - 2009-08-18 17:57 - 00000000 ____D () C:\Program Files\WIDCOMM
2015-02-10 12:05 - 2009-08-18 17:56 - 00089810 _____ () C:\Windows\DPINST.LOG
2015-02-10 02:02 - 2012-03-26 20:53 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2015-02-10 02:02 - 2009-07-14 18:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-02-10 02:02 - 2009-07-14 18:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-02-10 02:02 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-09 16:52 - 2009-11-16 11:59 - 00000000 ____D () C:\ProgramData\Temp
2015-02-09 16:10 - 2009-10-21 17:41 - 00000000 ____D () C:\Program Files\Sony
2015-02-09 16:07 - 2009-08-18 19:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-02-09 16:06 - 2009-10-21 17:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-09 16:05 - 2009-08-18 19:11 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2015-02-09 14:55 - 2011-07-23 08:39 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2015-02-09 14:27 - 2009-08-18 18:53 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-02-09 14:26 - 2009-08-18 18:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-09 14:23 - 2009-11-16 12:02 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-09 14:18 - 2009-11-16 20:19 - 00000000 ____D () C:\ProgramData\Nero
2015-02-09 13:40 - 2012-05-22 02:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-09 13:40 - 2012-05-22 02:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-09 13:40 - 2009-10-21 17:41 - 00000000 ____D () C:\Program Files\Google
2015-02-09 13:28 - 2012-03-16 22:31 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Facebook
2015-02-09 13:19 - 2009-11-16 19:45 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Mozilla
2015-02-09 13:18 - 2010-04-16 19:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-09 13:11 - 2009-10-21 17:41 - 00000000 ____D () C:\ProgramData\Google
2015-02-09 12:03 - 2010-02-08 11:23 - 00000000 ____D () C:\Users\Philipp\AppData\Local\CrashDumps
2015-02-09 12:00 - 2010-02-15 14:17 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2015-02-09 10:46 - 2011-07-05 21:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-09 10:24 - 2009-11-24 09:57 - 00000000 ____D () C:\ProgramData\Norton
2015-02-09 05:38 - 2010-03-28 15:47 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-09 05:38 - 2010-03-28 15:47 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-09 01:54 - 2009-11-16 19:57 - 00000000 ____D () C:\Program Files (x86)\Winamp
2015-02-09 01:47 - 2009-11-16 21:31 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-09 01:42 - 2009-10-21 17:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
==================== Files in the root of some directories =======
2009-12-05 17:54 - 2009-12-13 12:12 - 0000137 _____ () C:\Users\Philipp\AppData\Roaming\default.pls
2009-11-15 09:03 - 2009-11-15 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Roaming\wklnhst.dat
2009-11-20 22:08 - 2010-02-16 17:40 - 0009216 _____ () C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-09 14:27 - 2015-02-09 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-03-28 15:50 - 2010-03-28 15:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-02-10 16:30 - 2015-02-10 16:30 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2009-11-16 20:04 - 2009-11-16 20:04 - 0000221 _____ () C:\ProgramData\MusicStation.xml
Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\bitool.dll
C:\Users\Philipp\AppData\Local\Temp\YSPCUNLR.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-09 02:25
==================== End Of Log ============================
... and the Addition:
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-02-2015
Ran by Philipp at 2015-02-11 13:37:53
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{A5C0392D-46A7-4CB3-800B-5794909453BD}_AdAwareUpdater) (Version: 11.5.202.7299 - Lavasoft)
AdAwareInstaller (Version: 11.5.202.7299 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.5.202.7299 - Lavasoft) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 (HKLM-x32\...\PremElem70) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
AGEIA PhysX v7.11.13 (HKLM-x32\...\{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}) (Version: 7.11.13 - AGEIA Technologies, Inc.)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version: - UbiSoft)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
ccc-core-static (x32 Version: 2009.0710.1127.18698 - Ihr Firmenname) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.73.04270 - Sony Corporation)
Click to Disc (x32 Version: 1.2.73.04270 - Sony Corporation) Hidden
Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.03.04150 - Sony Corporation)
Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
Conflict Denied Ops (HKLM-x32\...\{EE4BA4C3-6DE4-404C-9B69-A84709BED752}) (Version: 1.00.0000 - Eidos)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: - )
Drucken Total Pro (HKLM-x32\...\{4381448B-AF21-4088-BE5E-FBD65F610BBC}) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Einstellungen für VAIO-Inhaltsüberwachung (HKLM-x32\...\{06C05B90-2127-4933-8ABA-61833BDE13FA}) (Version: 2.6.0.13120 - Sony Corporation)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender und Unternehmer 12.0.0.5880k) (Version: 16.0.15910 - Landesfinanzdirektion Thüringen)
Euro Truck Simulator 1.00 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.00 - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.21.145 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IKEA Home Planner (HKLM-x32\...\{AFA9D219-A7FD-4240-8793-E5C7C9D715F4}) (Version: 2.0.1 - IKEA IT)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B0-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft – Speichern als XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B1-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
MusicStation (HKLM-x32\...\{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}) (Version: 1.2.2.180 - Omnifone)
Need for Speed™ ProStreet (HKLM-x32\...\{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}) (Version: 1.0.1.0 - Electronic Arts)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixum EasyBook (HKLM-x32\...\Pixum EasyBook) (Version: - )
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.07300 - Sony Corporation)
Setup_msm_VCMS_x64 (Version: 2.6.0.06040 - Sony Corporation) Hidden
Setup_msm_VOFS_x64 (Version: 2.4.0.16010 - Sony Corporation) Hidden
Setup_VEP_x64_Contain_SSDB_VCSW (Version: 3.9.30.19080 - Sony Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SOHLib Merge Module (x32 Version: 2.2.0.11240 - Sony Corporation) Hidden
Sony Home Network Library (HKLM-x32\...\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}) (Version: 2.2.0.13270 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.16210 - Sony Corporation)
Spotify (HKU\S-1-5-21-3325936630-1017222350-922930496-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.000 - Firefly Studios)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unterstützung für VAIO-Präsentation (HKLM-x32\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 2.0.0.05270 - Sony Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{F8B40DB4-FD07-4368-AA57-34F2B0839683}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM\...\{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Manager Settings (HKLM\...\{8FE3CF66-4484-4D39-B47D-DEBBA173619D}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{97C58294-36D8-4594-8A49-7AB4AE096504}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.0.0.06120 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.01.06290 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Energie Verwaltung (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 4.0.0.07160 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{0489D044-6386-4BDF-9F98-577D60CF79DD}) (Version: 3.9.30.19080 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.0.0.07010 - Sony Corporation)
VAIO FW screensaver (HKLM-x32\...\VAIO FW screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.0.07280 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
VAIO Movie Story 1.5 Upgrade (x32 Version: 1.5.01.05120 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Original Funktion Einstellungen (HKLM-x32\...\{04EAE65A-CDCF-480F-B754-5C3A9364239C}) (Version: 2.4.0.19040 - Sony Corporation)
VAIO Premium Partners 1.00 (HKLM-x32\...\VAIO Premium Partners 1.00) (Version: - )
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2011-04-13 14:56 - 00000908 ____R C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C3C93F9-C9FB-4EB6-9307-F168CD4A5DF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {1C73D3EC-AE6F-4894-8AD1-CB65A3196624} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {379A0A53-BFC1-4EC5-B851-317B738EB5C3} - System32\Tasks\{CD74A4E5-800E-41AA-A09C-FDDB9018E5DF} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {38D2A99B-91D8-4AD2-AF7C-C06219CBE706} - System32\Tasks\{3C9D8347-0C2E-44A1-9A73-337E0D45706A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {3BAD0CC5-CB51-4845-8678-7FD38ADF9F3E} - System32\Tasks\{EBDF7BBA-1E2A-4DF4-BDF0-B39EBBBD5912} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.60.105/de/abandoninstall?page=tsBing
Task: {475C33B7-6CAE-4E95-A6F2-77CC16745CBD} - System32\Tasks\{D7326B88-A99B-406B-8427-CBE98D1A7273} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {565D4059-1C34-48B0-AE27-3FC132BEA0D1} - System32\Tasks\{A6C84F44-1577-429E-B26F-67FDDF775E5F} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {571C6C81-EEEE-4F03-AE47-5851CD132797} - System32\Tasks\{09C39ACF-4F30-4ABF-AFD4-2604C03AA8A9} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {6DFCFD9F-8D5B-4CF3-AAF3-E3988AC83FCA} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {703494C0-3E7A-4BEE-BB33-EE201361CF48} - \Funmoods No Task File <==== ATTENTION
Task: {77CFAC2D-1BD0-47ED-A897-3F5315EAAC56} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {809B1EBA-F13D-4D3A-BBFD-94D02ABA440F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {81F3513F-CA67-46FE-B452-58AC06723AFD} - System32\Tasks\4907 => Wscript.exe C:\Users\Philipp\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {8AE61B01-82A0-485F-94AE-887CC6B7D165} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {8D593C7F-3AA4-4A99-9C47-88406E0B966F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {A323E009-5C0E-4186-8902-7DB9CBDA57CE} - System32\Tasks\{B6581EF2-70A3-4BE7-A142-FBE50A21EB17} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {A8099C4F-FA74-4BCD-A33F-1BE3F5F44565} - System32\Tasks\{2BBF9CAD-6D8A-4FFA-B5F8-744019795861} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {BB61A82B-3D2C-4B26-8C71-DF09A7D5D8CD} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {BF8EC4A7-832E-4287-BF0D-28FB8FE15144} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {C4DE3F10-CC53-4A0A-905E-28D4E7983126} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {CB9677DD-1727-4044-9A52-33B3FFEB61D0} - System32\Tasks\{3D669ECB-014E-475D-8A9D-D73BD8C05ECB} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2014-11-13] (Microsoft Corporation)
Task: {CD2280D5-4DC3-4D09-80BD-A7A6DE5EFCFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-10] (Adobe Systems Incorporated)
Task: {CD562783-E64B-470B-88B8-45C7C431EDAA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {CF9C331A-70DD-4D6E-B11B-DFE162CEC99F} - System32\Tasks\{0062A0AE-89A3-4D51-AB02-9EE5992FC129} => pcalua.exe -a C:\Users\Philipp\Desktop\dm-digifoto-V2.exe -d C:\Users\Philipp\Desktop
Task: {EE5F2A3E-8149-4916-8A29-9CE68C2043B9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00713568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
2014-12-18 15:22 - 2014-12-18 15:22 - 00107352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_thread-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_system-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_chrono-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_date_time-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00125792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_filesystem-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 12716368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareServiceKernel.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\RCF.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00786264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_regex-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00736584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareActivation.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00474968 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareApplicationUpdater.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00812360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareGamingMode.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00099136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareReset.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00119616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTime.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00957784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdater.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00867688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdaterScheduler.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01107272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIgnoreList.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00248648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareQuarantine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01009496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiMalwareEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiRootkitEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01171280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerHistory.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01295680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScanner.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_timer-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00975704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerScheduler.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01091416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIncompatibles.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00894280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiSpam.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00849232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiPhishing.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareParentalControl.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02953040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareWebProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01251664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareEmailProtection.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00053600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_iostreams-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01289048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNetworkProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00968000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePromo.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00360776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareFeedback.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02785112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareThreatWorkAlliance.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01228608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePinCode.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00968000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNotice.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAvcEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01177960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtectionHistory.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00152896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\SecurityCenter.dll
2009-11-16 11:56 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files\WinRAR\rarext64.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 08947008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
2014-12-18 15:22 - 2014-12-18 15:22 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_locale-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02130752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\HtmlFramework.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\DllStorage.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTrayDefaultSkin.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\Localization.dll
2015-02-09 13:18 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-10 14:56 - 2015-02-10 14:56 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3325936630-1017222350-922930496-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3325936630-1017222350-922930496-500 - Administrator - Disabled)
Gast (S-1-5-21-3325936630-1017222350-922930496-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3325936630-1017222350-922930496-1002 - Limited - Enabled)
Philipp (S-1-5-21-3325936630-1017222350-922930496-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Faulty Device Manager Devices =============
Name: AC0TXZDC IDE Controller
Description: AC0TXZDC IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service: al783lyb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/11/2015 01:31:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
System errors:
=============
Error: (02/11/2015 08:33:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VAIO Event Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (02/11/2015 08:33:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Nero BackItUp Scheduler 3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (02/11/2015 06:23:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Compatibility Pack Service Pack 3 (KB2956097)
Error: (02/11/2015 06:23:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 7 Service Pack 1 für x64-basierte Systeme (KB976932)
Error: (02/11/2015 06:15:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office Outlook 2007 Junk Email Filter (KB2956096)
Error: (02/11/2015 06:15:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Word 2007 (KB2956099)
Error: (02/11/2015 06:14:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2007 suites (KB2596787)
Error: (02/11/2015 06:14:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2007 suites (KB2920795)
Error: (02/11/2015 06:14:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Excel 2007 (KB2920788)
Error: (02/11/2015 05:34:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-02-10 16:30:35.657
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:35.516
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:35.362
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:35.116
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:34.918
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:34.749
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:34.586
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:34.398
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:34.113
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-10 16:30:33.641
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 68%
Total physical RAM: 4063.02 MB
Available physical RAM: 1283.49 MB
Total Pagefile: 8124.18 MB
Available Pagefile: 5265.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:454.57 GB) (Free:325.63 GB) NTFS
Drive g: (BRS0EGF1) (CDROM) (Total:7.79 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 02A34C11)
Partition 1: (Not Active) - (Size=11.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================