Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Keine Internetverbindung nach Deinstallation von UniBlue (https://www.trojaner-board.de/155267-keine-internetverbindung-deinstallation-uniblue.html)

bdon 15.06.2014 14:20
Keine Internetverbindung nach Deinstallation von UniBlue
 
Hallo geschätzte Community,

ich habe ein etwas außergewöhnliches Problem und bitte euch daher um Hilfe.

Problem:
Der PC zeigt eine intakte Internetverbindung an (Netzwerkkabel gesteckt), möchte man nun eine Webseite aufrufen, funktioniert dies aber nicht. Es wurde der Internet Explorer sowie der Mozilla Firefox ausprobiert. Beim Internet Explorer kommt die Meldung "Die Seite kann nicht angezeigt werden".
Sobald ich aber irgendeine Webseite anpinge, bekomme ich eine Antwort.

Da ich aber weiss, dass ein Ping nicht, wie ein Aufruf im Web auf TCP Ebene arbeitet, kann ich dies nicht vergleichen. Vorweg liegt es nicht am Router, da andere Rechner hier funktionieren.

vermutliche Ursache:
Es handelt sich hierbei um ein Rechner von einem Freund. Er teilte mir mit, sich das Programm "Uniblue Speedupmypc" heruntergeladen zu haben. Jedoch deinstallierte er es dann wieder und hatte anschliessend genau das oben geschilderte Problem. Ich gehe davon aus, dass bei der Deinstallation irgendetwas gelöscht oder verändert wurde, was nicht zwingend mit diesem Programm zu tun hat.

Was wurde bisher unternommen:
Zu Beginn habe ich die Browser-Einträge gecheckt, ob eine Proxy oder dergleichen eingetragen wurde.

Dann sicherte und löschte ich in der Registry die WinSock und WinSock2 Einträge. Im nächsten Schritt wurde das Internetprotokoll der Version 4 deinstalliert um es dann wieder zu installieren. Leider brachte dies nicht den gewünschten Erfolg.

Anschließend hab ich die WinSOck Einträge von einem funktionierenden Rechner rüberkopiert. Leider auch hier kein Erfolg.

Im Endeffekt wurde alles nur noch schlimmer, denn nun existierte leider keine funktionierende Internetverbindung mehr.

Daher habe ich das System auf den Status zurückgesetzt, bevor ich Änderungen am System durchgeführt habe.

Logfile Defogger.txt
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:44 on 15/06/2014 (Sony)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Logfile First.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Sony (administrator) on SONY-VAIO on 15-06-2014 14:49:32
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [t4pc_en_4] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {0d4997ff-facb-11e2-b9d8-002643419b99} - G:\LGAutoRun.exe
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {d9b709bd-f708-11de-90a5-806e6f6e6963} - F:\data\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:50382;https=127.0.0.1:50382
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1402235839&from=tugs&uid=ST9500325AS_5VE460HMXXXX5VE460HM&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {ED3733E5-E045-4FC3-93DA-0E4074705215} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&rlz=1I7SUNC_deDE356
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119550&babsrc=SP_def&mntrId=CC850022FBCC1367
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {B32F36EF-CF66-48D0-B0BE-384D75573BFA} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {DE4A6AE1-B534-4189-B0B5-4326DFF511CB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
SearchScopes: HKCU - {EA15911A-2C90-4CBE-B652-B7AA38F54D8D} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {ED3733E5-E045-4FC3-93DA-0E4074705215} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&rlz=1I7SUNC_deDE356
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKCU - {F1F1C601-D08D-4F47-BA5C-D3E5277FE98C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=32C1DE83-D623-4B7B-88CD-C1AEF4321975&apn_sauid=E9238D36-5628-416E-83E1-3655F4516201
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default
FF NewTab: about:home
FF DefaultSearchEngine: Wikipedia (de)
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\abs@avira.com [2014-06-07]
FF Extension: Ghostery - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\firefox@ghostery.com.xpi [2014-05-09]
FF Extension: GMX MailCheck - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\toolbar@gmx.net.xpi [2011-12-28]
FF Extension: Adblock Plus - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-11]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-08-28] (Macrovision Europe Ltd.) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-08] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-08] (globalUpdate) [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [312136 2010-09-27] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 dump_wmimmc; No ImagePath
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-15 14:49 - 2014-06-15 14:49 - 00000000 ____D () C:\FRST
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 13:17 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-15 13:17 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-15 13:16 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-15 13:16 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-15 13:16 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-15 13:16 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-15 13:16 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-15 13:16 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-15 13:16 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-15 13:16 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-15 13:16 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-15 13:16 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-15 13:16 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-15 13:16 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-15 13:16 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-15 13:16 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-15 13:16 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-15 13:16 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-15 13:16 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-15 13:16 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-15 13:16 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 20:10 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 20:52 - 2014-06-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 20:47 - 2014-06-11 20:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 20:45 - 2014-06-14 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-11 20:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-11 20:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-09 14:47 - 2014-06-09 14:47 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-08 17:34 - 2014-06-08 17:34 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Optimizer Elite Max
2014-06-08 17:29 - 2014-06-11 20:24 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Activeris
2014-06-08 17:29 - 2014-06-08 17:42 - 00000298 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-06-08 17:29 - 2014-06-08 17:38 - 00000298 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-06-08 17:29 - 2014-06-08 17:34 - 00002872 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-06-08 17:29 - 2014-06-08 17:29 - 00002682 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-06-08 16:45 - 2014-06-08 16:45 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-08 16:39 - 2014-06-08 16:39 - 00000000 ____D () C:\Users\Sony\AppData\Local\freeSOFTtoday
2014-06-08 16:00 - 2014-03-12 16:00 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 15:58 - 2014-06-14 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-06-08 15:58 - 2014-06-11 21:12 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-08 15:58 - 2014-06-11 21:07 - 00000000 ____D () C:\temp
2014-06-08 15:58 - 2014-06-11 21:07 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-08 15:58 - 2014-06-08 17:34 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-08 15:58 - 2014-06-08 17:29 - 00003898 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-08 15:58 - 2014-06-08 17:29 - 00003644 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-08 15:58 - 2014-06-08 15:58 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\SupTab
2014-06-08 15:58 - 2014-06-08 15:58 - 00000000 _____ () C:\end
2014-06-08 15:57 - 2014-06-15 14:12 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-08 15:57 - 2014-06-08 15:57 - 00000000 ____D () C:\Users\Sony\AppData\Local\globalUpdate
2014-06-08 15:57 - 2014-06-08 15:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-08 15:56 - 2014-06-11 20:46 - 00000000 ____D () C:\Program Files\003
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:49 - 2014-05-25 09:51 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

==================== One Month Modified Files and Folders =======

2014-06-15 14:49 - 2014-06-15 14:49 - 00000000 ____D () C:\FRST
2014-06-15 14:49 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony\AppData\Local\Temp
2014-06-15 14:48 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 14:48 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 14:44 - 2009-10-08 08:57 - 01736005 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 14:44 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony
2014-06-15 14:44 - 2009-07-14 06:51 - 00314724 _____ () C:\Windows\setupact.log
2014-06-15 14:28 - 2012-03-30 09:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 14:15 - 2009-07-14 19:58 - 00699712 _____ () C:\Windows\system32\perfh007.dat
2014-06-15 14:15 - 2009-07-14 19:58 - 00149820 _____ () C:\Windows\system32\perfc007.dat
2014-06-15 14:15 - 2009-07-14 07:13 - 01620812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 14:13 - 2013-03-17 21:12 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-06-15 14:13 - 2013-03-17 21:12 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-06-15 14:12 - 2014-06-08 15:57 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-15 14:12 - 2011-01-01 22:26 - 00000342 _____ () C:\Windows\Tasks\RegistryBooster.job
2014-06-15 14:12 - 2010-01-30 20:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 14:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 14:08 - 2013-08-15 21:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-15 14:07 - 2009-11-02 20:58 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-15 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 14:04 - 2014-05-06 21:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-15 13:15 - 2009-10-08 09:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6173D358-3C57-47CA-8936-3CEC92355946}
2014-06-15 13:10 - 2010-01-30 20:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-14 22:52 - 2014-06-11 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:52 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 22:52 - 2014-06-08 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-06-14 22:52 - 2013-11-04 12:04 - 00000000 ____D () C:\Users\Sony\AppData\Local\Ubisoft
2014-06-14 22:52 - 2009-10-08 09:00 - 00000000 ____D () C:\Users\Sony\AppData\Local\Sony_Corporation
2014-06-14 22:52 - 2009-08-18 20:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-14 22:07 - 2013-11-04 12:04 - 00000000 __SHD () C:\Users\Sony\wc
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 19:59 - 2012-07-30 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 19:59 - 2009-08-28 13:20 - 00784910 _____ () C:\Windows\PFRO.log
2014-06-12 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-06-11 21:12 - 2014-06-08 15:58 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-11 21:11 - 2011-01-01 22:25 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Uniblue
2014-06-11 21:07 - 2014-06-08 15:58 - 00000000 ____D () C:\temp
2014-06-11 21:07 - 2014-06-08 15:58 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-11 20:55 - 2014-05-10 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-06-11 20:49 - 2014-06-11 20:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 20:46 - 2014-06-08 15:56 - 00000000 ____D () C:\Program Files\003
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:29 - 2009-11-02 20:38 - 00000000 ____D () C:\ProgramData\Google
2014-06-11 20:29 - 2009-10-08 09:01 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2014-06-11 20:29 - 2009-08-28 12:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-11 20:27 - 2009-10-08 08:58 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-11 20:26 - 2014-03-08 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 20:26 - 2011-10-16 20:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-11 20:24 - 2014-06-08 17:29 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Activeris
2014-06-09 14:47 - 2014-06-09 14:47 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-08 17:49 - 2011-12-28 17:06 - 00002092 _____ () C:\Users\Sony\Desktop\eBay.lnk
2014-06-08 17:49 - 2011-12-04 17:41 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-08 17:49 - 2011-12-04 17:41 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-08 17:49 - 2009-10-08 08:59 - 00001425 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-08 17:43 - 2009-10-08 08:58 - 00096240 _____ () C:\Users\Sony\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 17:42 - 2014-06-08 17:29 - 00000298 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-06-08 17:42 - 2009-07-14 06:45 - 00402920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-08 17:38 - 2014-06-08 17:29 - 00000298 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-06-08 17:38 - 2013-11-04 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
2014-06-08 17:38 - 2009-08-28 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners
2014-06-08 17:34 - 2014-06-08 17:34 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Optimizer Elite Max
2014-06-08 17:34 - 2014-06-08 17:29 - 00002872 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-06-08 17:34 - 2014-06-08 15:58 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-08 17:29 - 2014-06-08 17:29 - 00002682 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-06-08 17:29 - 2014-06-08 15:58 - 00003898 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-08 17:29 - 2014-06-08 15:58 - 00003644 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-08 16:45 - 2014-06-08 16:45 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-08 16:39 - 2014-06-08 16:39 - 00000000 ____D () C:\Users\Sony\AppData\Local\freeSOFTtoday
2014-06-08 16:00 - 2014-03-21 12:27 - 00005624 _____ () C:\Windows\system32\SecureAssist.ini
2014-06-08 16:00 - 2014-03-21 12:27 - 00002576 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini
2014-06-08 16:00 - 2014-03-21 12:27 - 00002576 _____ () C:\Windows\system32\SecureAssistOff.ini
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 15:58 - 2014-06-08 15:58 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\SupTab
2014-06-08 15:58 - 2014-06-08 15:58 - 00000000 _____ () C:\end
2014-06-08 15:57 - 2014-06-08 15:57 - 00000000 ____D () C:\Users\Sony\AppData\Local\globalUpdate
2014-06-08 15:57 - 2014-06-08 15:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-08 11:13 - 2014-06-15 13:17 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-15 13:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 20:24 - 2014-03-08 20:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-03 20:24 - 2014-03-08 20:56 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-31 18:40 - 2009-11-02 23:08 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2014-05-30 12:21 - 2014-06-15 13:16 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-15 13:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-15 13:16 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-15 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-15 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-15 13:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-15 13:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 20:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-15 13:16 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-15 13:16 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-15 13:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-15 13:16 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-15 13:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-15 13:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-15 13:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-15 13:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-15 13:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-15 13:16 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-15 13:16 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-15 13:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-15 13:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-15 13:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-15 13:16 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-15 13:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-15 13:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-15 13:16 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-15 13:16 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-15 13:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-15 13:16 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-15 13:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-15 13:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-15 13:16 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-15 13:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-15 13:16 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-15 13:16 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-15 13:16 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-15 13:16 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-15 13:16 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-15 13:16 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-15 13:16 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:51 - 2014-05-25 09:49 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-24 20:36 - 2012-12-03 23:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-22 20:22 - 2011-06-16 20:38 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 20:21 - 2009-08-28 12:59 - 00000000 ____D () C:\Program Files\Sony
2014-05-22 20:21 - 2009-08-18 18:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 20:19 - 2010-01-01 19:08 - 00000000 ____D () C:\Update

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 17:22

==================== End Of Log ============================

Logfile Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Sony at 2014-06-15 14:50:19
Running from G:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 7.0 (HKLM-x32\...\PremElem70) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM-x32\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - hxxp://www.adobe.de)
Adobe® Photoshop® Album Starter Edition 3.2 (x32 Version: 3.2.0 - Adobe Systems, Inc.) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{A4BC24CB-F8C7-27FB-41D5-47A405031A41}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Canon MP600 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600) (Version:  - )
Canon MP600 Benutzerregistrierung (HKLM-x32\...\Canon MP600 Benutzerregistrierung) (Version:  - )
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0710.1127.18698 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help English (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help French (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help German (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0710.1127.18698 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0710.1127.18698 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.73.04270 - Sony Corporation)
Click to Disc (x32 Version: 1.2.73.04270 - Sony Corporation) Hidden
Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.03.04150 - Sony Corporation)
Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{33017152-D6EA-46DD-93E0-7D2679CCBB51}) (Version: 8.8.0.282 - Corel Inc.)
dm Fotowelt (HKLM-x32\...\dm Fotowelt) (Version:  - )
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version:  - )
Dolby Control Center (HKLM\...\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}) (Version: 1.2.0702 - Dolby)
DomaIQ (HKLM-x32\...\DomaIQ Uninstaller) (Version:  - Tuguu SLU) <==== ATTENTION
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Einstellungen für VAIO-Inhaltsüberwachung (HKLM-x32\...\{06C05B90-2127-4933-8ABA-61833BDE13FA}) (Version: 2.6.0.11050 - Sony Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.1.1.8479p) (Version: 13.1.1.8479p - Landesfinanzdirektion Thüringen)
Foto Paradies (HKLM-x32\...\Foto Paradies) (Version:  - )
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.2 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1970.7372 - Google Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.8 - Ubisoft)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
MusicStation (HKLM-x32\...\{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}) (Version: 1.2.2.180 - Omnifone)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090 - Sony Corporation) Hidden
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.121 - Roxio) Hidden
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.07300 - Sony Corporation)
Setup_msm_VCMS_x64 (Version: 2.6.0.06040 - Sony Corporation) Hidden
Setup_msm_VOFS_x64 (Version: 2.3.0.09270 - Sony Corporation) Hidden
Setup_VEP_x64_Contain_SSDB_VCSW (Version: 3.9.0.09270 - Sony Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SOHLib Merge Module (x32 Version: 2.2.0.11240 - Sony Corporation) Hidden
Sony Ericsson Media Manager 1.0 (HKLM-x32\...\{5C72622B-643D-4296-B57D-5D53D0C68509}) (Version: 1.0.330 - Sony Ericsson)
Sony Home Network Library (HKLM-x32\...\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}) (Version: 2.2.0.11240 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.16210 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steuer-Sparer 2014 (HKLM-x32\...\{943F3FFF-6A9B-4F9C-889E-433A5D7ABC4B}) (Version: 19.02.10 - Akademische Arbeitsgemeinschaft)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
SweetIM for Messenger 3.4 (HKLM-x32\...\{F70AE624-2B41-476F-BC9C-0A7F158C3F15}) (Version: 3.4.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unterstützung für VAIO-Präsentation (HKLM-x32\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 2.0.0.05270 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{F8B40DB4-FD07-4368-AA57-34F2B0839683}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.1.12010 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM\...\{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Manager Settings (HKLM\...\{8FE3CF66-4484-4D39-B47D-DEBBA173619D}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{97C58294-36D8-4594-8A49-7AB4AE096504}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.0.0.06120 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.01.06290 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Energie Verwaltung (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 4.0.0.07160 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{0489D044-6386-4BDF-9F98-577D60CF79DD}) (Version: 3.9.0.11160 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.0.0.07010 - Sony Corporation)
VAIO FW screensaver (HKLM-x32\...\VAIO FW screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version:  - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.0.07280 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
VAIO Movie Story 1.5 Upgrade (x32 Version: 1.5.01.05120 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Original Funktion Einstellungen (HKLM-x32\...\{04EAE65A-CDCF-480F-B754-5C3A9364239C}) (Version: 2.3.0.11240 - Sony Corporation)
VAIO Premium Partners 1.00 (HKLM-x32\...\VAIO Premium Partners 1.00) (Version:  - )
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================

15-05-2014 18:19:46 Windows Update
22-05-2014 18:20:14 Entfernt VAIO Update
22-05-2014 18:21:11 Installiert VAIO Update
25-05-2014 07:48:54 Steuer-Sparer 2014 wurde installiert.
25-05-2014 07:51:49 Installed AAVUpdateManager.
08-06-2014 13:57:18 Uniblue SpeedUpMyPC installation
11-06-2014 19:15:18 Windows Update
12-06-2014 18:11:37 Windows Update
14-06-2014 20:07:22 Windows Update
14-06-2014 20:20:00 Windows Update
15-06-2014 12:04:10 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01037B53-4D53-4033-B846-FEBC9080F169} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-08] (globalUpdate) <==== ATTENTION
Task: {09069933-23B8-4350-9D92-B57BA9B434BF} - System32\Tasks\RegistryBooster => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: {1F3A4EB6-5AE7-4A4D-ADA2-4A94EC616A0C} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {36CC9380-9BCE-40EB-A159-497E34100EC2} - System32\Tasks\{62633F26-144A-4C4E-8417-3F8E3201A31F} => C:\Program Files (x86)\bet-at-home.com Poker\poker.exe
Task: {42AA65FB-418F-4954-B4DE-EF8DFA66D579} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2498480923-3533779338-1781523399-1000
Task: {465B86E9-3E00-4118-A0C0-DEAAD68DAAA3} - System32\Tasks\PCHelpers_period => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: {4B39DA92-4D22-49B8-AA3F-5C6E705C6340} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4E8251ED-103A-4FCB-AA3C-5EC64B00AC9F} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {4FA109F7-B1A4-475F-8765-C1D06A8BE15C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52E9BC9E-9DFB-4915-8CBD-D0A0A79E6790} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {52F47992-D090-487C-B5DD-0D6F70EC369D} - System32\Tasks\{A4550439-657C-40CB-B010-4538437F1D4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/4.2.0.169/de/abandoninstall?page=tsChrome&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {6FF012AA-49CD-4722-BE86-5BE548FF6D7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {7C33F39B-DDC7-452B-BEBF-D8ABEA52F8BA} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {84F7DAE0-B617-4B70-A55B-2A93E5012A9A} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {A3C2F0D7-CF21-4EFD-A9F6-360749494535} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {B321B526-C7B7-4A41-ACBB-DD0045B4F6DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {B93D65B6-DFAF-4D83-B699-49DDFDF6E3AC} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23] (Google)
Task: {C566D570-A15B-405F-96E5-A3A9DE65040E} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {D3559ACF-CCF4-4C7D-B134-FF4BCF33955E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-08] (globalUpdate) <==== ATTENTION
Task: {DB5AAA05-9471-42EE-87B0-8374A1C41173} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {EB452114-3475-4D75-8648-B15D6B727F24} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {FDBFF2EB-018C-4210-9D45-ABA3D88BC367} - System32\Tasks\PCHelpers1st => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: {FF03976A-366B-4641-93B7-039CB387AF8F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegistryBooster.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

==================== Loaded Modules (whitelisted) =============

2009-09-21 16:04 - 2009-09-21 16:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\AAVUpdateManager\aavus.exe
2009-08-28 13:11 - 2009-07-01 11:49 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2009-08-28 13:11 - 2009-07-01 11:49 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:7E0EFF7B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: fst_de_35 =>
MSCONFIG\startupreg: MarketingTools => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: t4pc_en_4 => "C:\Program Files (x86)\t4pc_en_4\t4pc_en_4.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2014 00:13:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Fehler beim Starten des Softwareschutzdiensts.  0x80070002
6.1.7601.17514

Error: (06/14/2014 08:37:17 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.PlatformNotSupportedException: Die Operation wird auf dieser Plattform nicht unterstützt.
  bei System.Net.HttpListener..ctor()
  bei System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
  bei System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
  bei System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
  bei System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.DatagramChannelDemuxer`2.OnOuterListenerOpen(ChannelDemuxerFilter filter, IChannelListener listener, TimeSpan timeout)
  bei System.ServiceModel.Channels.SingletonChannelListener`3.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
  bei S...

Error: (06/14/2014 08:34:40 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (06/14/2014 08:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BtStackServer.exe, Version: 6.2.0.9600, Zeitstempel: 0x4a4c1091
Name des fehlerhaften Moduls: BtStackServer.exe, Version: 6.2.0.9600, Zeitstempel: 0x4a4c1091
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000014c6b7
ID des fehlerhaften Prozesses: 0x10ec
Startzeit der fehlerhaften Anwendung: 0xBtStackServer.exe0
Pfad der fehlerhaften Anwendung: BtStackServer.exe1
Pfad des fehlerhaften Moduls: BtStackServer.exe2
Berichtskennung: BtStackServer.exe3

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Wajam Internet Enhancer Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service SecureAssist since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service NewPlayer Updater Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (06/15/2014 02:11:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (06/15/2014 02:11:05 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/15/2014 02:11:05 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/15/2014 02:11:04 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/15/2014 02:11:04 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/15/2014 02:09:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/15/2014 01:51:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Error: (06/15/2014 01:50:59 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/15/2014 01:50:59 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/15/2014 01:50:58 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (06/15/2014 00:13:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: 0x800700026.1.7601.17514

Error: (06/14/2014 08:37:17 PM) (Source: Service1) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.PlatformNotSupportedException: Die Operation wird auf dieser Plattform nicht unterstützt.
  bei System.Net.HttpListener..ctor()
  bei System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
  bei System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
  bei System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
  bei System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.DatagramChannelDemuxer`2.OnOuterListenerOpen(ChannelDemuxerFilter filter, IChannelListener listener, TimeSpan timeout)
  bei System.ServiceModel.Channels.SingletonChannelListener`3.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
  bei S...

Error: (06/14/2014 08:34:40 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (06/14/2014 08:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtStackServer.exe6.2.0.96004a4c1091BtStackServer.exe6.2.0.96004a4c1091c0000005000000000014c6b710ec01cf87cf21f1b0acC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe22c6280b-f3f2-11e3-920e-002643419b99

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe

Error: (06/14/2014 03:28:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Wajam Internet Enhancer Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SecureAssist since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/11/2014 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NewPlayer Updater Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity Errors:
===================================
  Date: 2013-11-10 16:31:54.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-10 16:31:54.603
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-10 16:31:54.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-10 16:31:54.100
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:59.062
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:58.903
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:58.695
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:58.541
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:58.345
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 14:30:58.157
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 6111.02 MB
Available physical RAM: 4542.06 MB
Total Pagefile: 12220.23 MB
Available Pagefile: 10294.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.57 GB) (Free:358.98 GB) NTFS
Drive d: () (Removable) (Total:58.52 GB) (Free:58.52 GB) exFAT
Drive g: (LEXAR) (Removable) (Total:1.87 GB) (Free:0.74 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4827847C)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 59 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================
Logilfe Gmer.txt
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-15 15:06:40
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0004 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Sony\AppData\Local\Temp\kxliipob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\services.exe[588] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                                          0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Windows\system32\svchost.exe[848] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                                          0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Windows\system32\svchost.exe[712] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                                          0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Windows\system32\svchost.exe[1600] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                                          0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2016] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                              0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe[1348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                            0000000075601465 2 bytes [60, 75]
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe[1348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                          00000000756014bb 2 bytes [60, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files\Sony\VAIO Power Management\SPMService.exe[2060] C:\Windows\system32\KERNEL32.dll!SetFileCompletionNotificationModes                                                              0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}
.text    C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2268] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                              0000000075601465 2 bytes [60, 75]
.text    C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2268] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                              00000000756014bb 2 bytes [60, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                        0000000075601465 2 bytes [60, 75]
.text    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                        00000000756014bb 2 bytes [60, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                  0000000075601465 2 bytes [60, 75]
.text    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                00000000756014bb 2 bytes [60, 75]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Windows\system32\svchost.exe[4312] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                                                                          0000000077880880 14 bytes {JMP QWORD [RIP+0x0]}

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\services.exe [588:2604]                                                                                                                                                        00000000009af430
Thread  C:\Windows\system32\services.exe [588:2596]                                                                                                                                                        00000000009af430
Thread  C:\Windows\system32\services.exe [588:2620]                                                                                                                                                        00000000009cdc30
Thread  C:\Windows\system32\services.exe [588:224]                                                                                                                                                        00000000009cdc30
Thread  C:\Windows\system32\svchost.exe [848:884]                                                                                                                                                          000000000076f430
Thread  C:\Windows\system32\svchost.exe [848:888]                                                                                                                                                          000000000076f430
Thread  C:\Windows\system32\svchost.exe [848:896]                                                                                                                                                          000000000078dc30
Thread  C:\Windows\system32\svchost.exe [712:1456]                                                                                                                                                        000000000138f430
Thread  C:\Windows\system32\svchost.exe [712:1460]                                                                                                                                                        000000000138f430
Thread  C:\Windows\system32\svchost.exe [712:1468]                                                                                                                                                        00000000013adc30
Thread  C:\Windows\system32\svchost.exe [712:1556]                                                                                                                                                        00000000013adc30
Thread  C:\Windows\System32\spoolsv.exe [1492:3912]                                                                                                                                                        0000000001b8f430
Thread  C:\Windows\System32\spoolsv.exe [1492:3924]                                                                                                                                                        0000000001b8f430
Thread  C:\Windows\system32\svchost.exe [1600:1712]                                                                                                                                                        0000000000a5f430
Thread  C:\Windows\system32\svchost.exe [1600:1716]                                                                                                                                                        0000000000a5f430
Thread  C:\Windows\system32\svchost.exe [1600:1724]                                                                                                                                                        0000000000a7dc30
Thread  C:\Windows\system32\svchost.exe [4312:3908]                                                                                                                                                        0000000000bef430
Thread  C:\Windows\system32\svchost.exe [4312:3788]                                                                                                                                                        0000000000bef430
Thread  C:\Windows\system32\svchost.exe [4312:1352]                                                                                                                                                        0000000000c0dc30
Thread  C:\Windows\system32\svchost.exe [4312:1516]                                                                                                                                                        0000000000c0dc30
Thread  c:\program files\windows defender\MpCmdRun.exe [4820:3184]                                                                                                                                        000000000018f430
Thread  c:\program files\windows defender\MpCmdRun.exe [4820:3628]                                                                                                                                        000000000018f430
Thread  c:\program files\windows defender\MpCmdRun.exe [4820:4052]                                                                                                                                        00000000001adc30
Thread  c:\program files\windows defender\MpCmdRun.exe [4820:2316]                                                                                                                                        00000000001adc30
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFEBFDEF-4B1F-4DC0-B421-84F580918EAF}\offreg.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [2332](2014-06-15 12:21:22)  000007fefb550000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433751382                                                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433751725                                                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002643419b99                                                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002643419b99@00027620b0b6                                                                                                          0xC5 0xFC 0x6D 0x0E ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433751382 (not active ControlSet)                                                                                                   
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433751725 (not active ControlSet)                                                                                                   
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002643419b99 (not active ControlSet)                                                                                                   
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002643419b99@00027620b0b6                                                                                                              0xC5 0xFC 0x6D 0x0E ...

---- EOF - GMER 2.1 ----

schrauber 15.06.2014 14:49
hi,

Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM-x32\...\Run: [t4pc_en_4] => [X]
ProxyServer: http=127.0.0.1:50382;https=127.0.0.1:50382
Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]
S3 dump_wmimmc; No ImagePath

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

bdon 15.06.2014 20:49
Hallo,

ein Programm konnte nicht deinstalliert werden.

Fixlog.txt.
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-06-2014
Ran by Sony at 2014-06-15 20:28:49 Run:1
Running from G:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [t4pc_en_4] => [X]
ProxyServer: http=127.0.0.1:50382;https=127.0.0.1:50382
Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]
S3 dump_wmimmc; No ImagePath
       
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\t4pc_en_4 => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
npggsvc => Service deleted successfully.
dump_wmimmc => Service deleted successfully.

==== End of Fixlog ====

mbam.txt
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.06.2014
Suchlauf-Zeit: 20:58:19
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.15.05
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sony

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 273173
Verstrichene Zeit: 11 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 4
PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Bar, hxxp://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1402241364397&tguid=80415-23890-1402241364397-845D960FE4F52731D56FE4648D061F8B&st=chrome&q=, In Quarantäne, [dfe29fd9c0bbf3437b0cf7a807fb758b]
PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, hxxp://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1402241364397&tguid=80415-23890-1402241364397-845D960FE4F52731D56FE4648D061F8B&q=%s, In Quarantäne, [20a1b7c16c0fb185ef9a8b1425dd9967]
PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL, hxxp://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1402241364397&tguid=80415-23890-1402241364397-845D960FE4F52731D56FE4648D061F8B&q=%s, In Quarantäne, [06bbd3a5413a6ccab9d13b64877ba858]
PUP.Optional.SearchCertified.A, HKU\S-1-5-21-2498480923-3533779338-1781523399-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Bar, hxxp://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1402241364397&tguid=80415-23890-1402241364397-845D960FE4F52731D56FE4648D061F8B&st=chrome&q=, In Quarantäne, [863b1266fd7e1026ee971b847f831ae6]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [d1f043355526b4820524ebb4a26031cf],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [d1f043355526b4820524ebb4a26031cf],

Dateien: 21
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgMediaPlayer.dll, In Quarantäne, [fdc40771205b3cfaa1efacef29db8878],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\ContentPackagesActivationHandler.exe, In Quarantäne, [19a8adcbdd9ee650830d3863a95bac54],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgAdaptersProxy.dll, In Quarantäne, [1ca580f85b2063d38a063d5e758fca36],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgArchive.dll, In Quarantäne, [5e6348306516290dc7c91883f50f867a],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgcommon.dll, In Quarantäne, [0fb2e593fb805adc711f9803ed176799],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgcommunication.dll, In Quarantäne, [8c35fb7d34474ceae1afdfbccb3906fa],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgconfig.dll, In Quarantäne, [6160492fc2b965d1eca4207bc242d52b],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgFlashPlayer.dll, In Quarantäne, [3f82b5c3accf3501e7a9a4f7bb4952ae],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mghooking.dll, In Quarantäne, [6160c1b7c8b355e1a0f08c0f30d44cb4],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgICQAuto.dll, In Quarantäne, [586984f495e660d6434d9efdc1432ad6],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgICQMessengerAdapter.dll, In Quarantäne, [2c953840176468cea6ea27747a8a9c64],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mglogger.dll, In Quarantäne, [259c1b5dc9b29c9ad0c0d4c71ee641bf],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgMsnAuto.dll, In Quarantäne, [cff22454196246f00d83eead9d678f71],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgMsnMessengerAdapter.dll, In Quarantäne, [0cb52454ee8d1e186729445716ee9769],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgsimcommon.dll, In Quarantäne, [e4dd5a1ef8834de9dab6673421e39769],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgSweetIM.dll, In Quarantäne, [774a66122e4d42f4e9a7e5b652b209f7],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgUpdateSupport.dll, In Quarantäne, [19a83f390774b87eff914c4f9b6937c9],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgxml_wrapper.dll, In Quarantäne, [3b86e5935328d660ade3990221e341bf],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgYahooAuto.dll, In Quarantäne, [00c1df998af158deb7d99dfeb0543ec2],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\mgYahooMessengerAdapter.dll, In Quarantäne, [348d2454ef8cb581642cc1da28dc8c74],
PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RWLXRRS\SweetIM.exe, In Quarantäne, [833e294fb8c39d99454b5942937147b9],

Physische Sektoren: 0
(No malicious items detected)


(end)

ADWCLeaner
Code:
# AdwCleaner v3.212 - Bericht erstellt am 15/06/2014 um 21:23:01
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sony - SONY-VAIO
# Gestartet von : G:\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Kreapixel
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\LSHunter.TV
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Sony\AppData\Local\Freesofttoday
Ordner Gelöscht : C:\Users\Sony\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Sony\AppData\Local\Kreapixel
Ordner Gelöscht : C:\Users\Sony\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sony\AppData\Local\Services x86
Ordner Gelöscht : C:\Users\Sony\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Sony\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Sony\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Optimizer Elite Max
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\WebPlayerBdd
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\SysWOW64\SecureAssist.ini
Datei Gelöscht : C:\Windows\SysWOW64\SecureAssistOff.ini
Datei Gelöscht : C:\Windows\System32\SecureAssist.ini
Datei Gelöscht : C:\Windows\System32\SecureAssist64.dll
Datei Gelöscht : C:\Windows\System32\SecureAssistOff.ini
Datei Gelöscht : C:\Users\Sony\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\invalidprefs.js
Datei Gelöscht : C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\System32\Tasks\LaunchApp
Datei Gelöscht : C:\Windows\Tasks\PCHelpers_period.job
Datei Gelöscht : C:\Windows\System32\Tasks\PCHelpers_period
Datei Gelöscht : C:\Windows\Tasks\PCHelpers1st.job
Datei Gelöscht : C:\Windows\System32\Tasks\PCHelpers1st

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConfigTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConfigTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKCU\Software\855d6dce139ea49
Schlüssel Gelöscht : HKLM\SOFTWARE\855d6dce139ea49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1351351
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader26187[1]_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader26187[1]_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222702296}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244704496}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Services x86
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\NewPlayer
Schlüssel Gelöscht : HKLM\Software\Services x86
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\prefs.js ]

Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/home?affID=119550");
Zeile gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("extensions.helperbar.Country", "Germany");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.UserID", "c0336d25-a723-40d1-82b6-da5f7c5fa0f4");
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1363772297208");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1363772297217");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1363772297225");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1364324592391");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [23609 octets] - [15/06/2014 21:22:06]
AdwCleaner[S0].txt - [22142 octets] - [15/06/2014 21:23:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22203 octets] ##########

Junkware Removal Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sony on 15.06.2014 at 21:28:56,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2498480923-3533779338-1781523399-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F1F1C601-D08D-4F47-BA5C-D3E5277FE98C}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\registrybooster.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Sony\AppData\Roaming\mozilla\firefox\profiles\s4s6avor.default\minidumps [643 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.06.2014 at 21:35:13,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Sony (administrator) on SONY-VAIO on 15-06-2014 21:37:48
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {0d4997ff-facb-11e2-b9d8-002643419b99} - G:\LGAutoRun.exe
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {d9b709bd-f708-11de-90a5-806e6f6e6963} - F:\data\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {B32F36EF-CF66-48D0-B0BE-384D75573BFA} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {DE4A6AE1-B534-4189-B0B5-4326DFF511CB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
SearchScopes: HKCU - {EA15911A-2C90-4CBE-B652-B7AA38F54D8D} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {ED3733E5-E045-4FC3-93DA-0E4074705215} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&rlz=1I7SUNC_deDE356
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default
FF NewTab: about:home
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\abs@avira.com [2014-06-07]
FF Extension: Ghostery - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\firefox@ghostery.com.xpi [2014-05-09]
FF Extension: GMX MailCheck - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\toolbar@gmx.net.xpi [2011-12-28]
FF Extension: Adblock Plus - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-11]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-08-28] (Macrovision Europe Ltd.) [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [312136 2010-09-27] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-15 21:35 - 2014-06-15 21:35 - 00001676 _____ () C:\Users\Sony\Desktop\JRT.txt
2014-06-15 21:28 - 2014-06-15 21:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 21:28 - 2014-06-15 21:18 - 01016261 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2014-06-15 21:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 21:21 - 2014-06-15 21:23 - 00000000 ____D () C:\AdwCleaner
2014-06-15 19:57 - 2014-06-15 19:57 - 00001268 _____ () C:\Users\Sony\Desktop\Revo Uninstaller.lnk
2014-06-15 19:57 - 2014-06-15 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-15 19:57 - 2014-06-15 19:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sony\Downloads\revosetup95.exe
2014-06-15 16:14 - 2014-06-15 16:14 - 00454528 _____ () C:\Windows\Minidump\061514-73008-01.dmp
2014-06-15 14:49 - 2014-06-15 21:37 - 00000000 ____D () C:\FRST
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 13:17 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-15 13:17 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-15 13:16 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-15 13:16 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-15 13:16 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-15 13:16 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-15 13:16 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-15 13:16 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-15 13:16 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-15 13:16 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-15 13:16 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-15 13:16 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-15 13:16 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-15 13:16 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-15 13:16 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-15 13:16 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-15 13:16 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-15 13:16 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-15 13:16 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-15 13:16 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-15 13:16 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 20:10 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 20:52 - 2014-06-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 20:47 - 2014-06-15 20:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 20:45 - 2014-06-14 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-11 20:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-11 20:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 15:58 - 2014-06-11 21:07 - 00000000 ____D () C:\temp
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:49 - 2014-05-25 09:51 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

==================== One Month Modified Files and Folders =======

2014-06-15 21:38 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony\AppData\Local\Temp
2014-06-15 21:37 - 2014-06-15 14:49 - 00000000 ____D () C:\FRST
2014-06-15 21:35 - 2014-06-15 21:35 - 00001676 _____ () C:\Users\Sony\Desktop\JRT.txt
2014-06-15 21:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 21:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 21:29 - 2009-10-08 09:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6173D358-3C57-47CA-8936-3CEC92355946}
2014-06-15 21:29 - 2009-10-08 08:57 - 01749345 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 21:28 - 2014-06-15 21:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 21:28 - 2012-03-30 09:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 21:27 - 2013-03-17 21:12 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-06-15 21:27 - 2013-03-17 21:12 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-06-15 21:25 - 2010-01-30 20:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 21:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 21:25 - 2009-07-14 06:51 - 00314836 _____ () C:\Windows\setupact.log
2014-06-15 21:24 - 2009-08-28 13:20 - 00792378 _____ () C:\Windows\PFRO.log
2014-06-15 21:23 - 2014-06-15 21:21 - 00000000 ____D () C:\AdwCleaner
2014-06-15 21:18 - 2014-06-15 21:28 - 01016261 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2014-06-15 21:12 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-06-15 21:10 - 2010-01-30 20:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 20:57 - 2014-06-11 20:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-15 19:57 - 2014-06-15 19:57 - 00001268 _____ () C:\Users\Sony\Desktop\Revo Uninstaller.lnk
2014-06-15 19:57 - 2014-06-15 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-15 19:56 - 2014-06-15 19:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sony\Downloads\revosetup95.exe
2014-06-15 16:14 - 2014-06-15 16:14 - 00454528 _____ () C:\Windows\Minidump\061514-73008-01.dmp
2014-06-15 16:14 - 2009-12-01 15:55 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 16:13 - 2009-12-01 15:55 - 669268096 _____ () C:\Windows\MEMORY.DMP
2014-06-15 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 14:44 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony
2014-06-15 14:15 - 2009-07-14 19:58 - 00699712 _____ () C:\Windows\system32\perfh007.dat
2014-06-15 14:15 - 2009-07-14 19:58 - 00149820 _____ () C:\Windows\system32\perfc007.dat
2014-06-15 14:15 - 2009-07-14 07:13 - 01620812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 14:08 - 2013-08-15 21:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-15 14:07 - 2009-11-02 20:58 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-15 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 14:04 - 2014-05-06 21:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-14 22:52 - 2014-06-11 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:52 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 22:52 - 2013-11-04 12:04 - 00000000 ____D () C:\Users\Sony\AppData\Local\Ubisoft
2014-06-14 22:52 - 2009-10-08 09:00 - 00000000 ____D () C:\Users\Sony\AppData\Local\Sony_Corporation
2014-06-14 22:52 - 2009-08-18 20:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-14 22:07 - 2013-11-04 12:04 - 00000000 __SHD () C:\Users\Sony\wc
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 19:59 - 2012-07-30 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-06-11 21:07 - 2014-06-08 15:58 - 00000000 ____D () C:\temp
2014-06-11 20:55 - 2014-05-10 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:29 - 2009-11-02 20:38 - 00000000 ____D () C:\ProgramData\Google
2014-06-11 20:29 - 2009-10-08 09:01 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2014-06-11 20:29 - 2009-08-28 12:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-11 20:27 - 2009-10-08 08:58 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-11 20:26 - 2014-03-08 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 20:26 - 2011-10-16 20:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-08 17:49 - 2011-12-04 17:41 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-08 17:49 - 2011-12-04 17:41 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-08 17:49 - 2009-10-08 08:59 - 00001425 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-08 17:43 - 2009-10-08 08:58 - 00096240 _____ () C:\Users\Sony\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 17:42 - 2009-07-14 06:45 - 00402920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-08 17:38 - 2013-11-04 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
2014-06-08 17:38 - 2009-08-28 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 11:13 - 2014-06-15 13:17 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-15 13:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 20:24 - 2014-03-08 20:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-03 20:24 - 2014-03-08 20:56 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-31 18:40 - 2009-11-02 23:08 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2014-05-30 12:21 - 2014-06-15 13:16 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-15 13:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-15 13:16 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-15 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-15 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-15 13:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-15 13:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 20:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-15 13:16 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-15 13:16 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-15 13:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-15 13:16 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-15 13:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-15 13:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-15 13:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-15 13:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-15 13:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-15 13:16 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-15 13:16 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-15 13:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-15 13:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-15 13:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-15 13:16 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-15 13:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-15 13:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-15 13:16 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-15 13:16 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-15 13:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-15 13:16 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-15 13:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-15 13:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-15 13:16 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-15 13:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-15 13:16 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-15 13:16 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-15 13:16 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-15 13:16 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-15 13:16 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-15 13:16 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-15 13:16 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:51 - 2014-05-25 09:49 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-24 20:36 - 2012-12-03 23:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-22 20:22 - 2011-06-16 20:38 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 20:21 - 2009-08-28 12:59 - 00000000 ____D () C:\Program Files\Sony
2014-05-22 20:21 - 2009-08-18 18:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 20:19 - 2010-01-01 19:08 - 00000000 ____D () C:\Update

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\avgnt.exe
C:\Users\Sony\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 17:22

==================== End Of Log ============================
--- --- ---



Bemerkung:
Habe anschließend einfach mal den Browser geöffnet, Internet funktioniert nun wieder.

schrauber 16.06.2014 21:20

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

bdon 17.06.2014 09:36
Servus,

Eset Online
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=583f76f1726b494c9cf6bdb6c43b1512
# engine=18750
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-17 08:19:47
# local_time=2014-06-17 10:19:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 4562 9671923 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 137537 154623037 0 0
# scanned=255371
# found=6
# cleaned=0
# scan_time=4053
sh=804646498C3D54461281E85374C993852E4E9846 ft=1 fh=aa93065a19d3e33f vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RD56ZO7.exe"
sh=4ABB0927A63A3468AD872554ADB65F0F4EFC8819 ft=1 fh=705ad8b66009ca52 vn="Win32/Toolbar.Babylon.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2498480923-3533779338-1781523399-1000\$RE9BNIG.exe"
sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=D7E3B0A7408D3F0898A524C521EF7914A5AE03F9 ft=1 fh=4ae667e603f8159b vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir"
sh=A426A9F68A91311842231DA736BDB0D98C563C78 ft=1 fh=07695b25355574b4 vn="Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L1548Y3R\DeltaTB[1].exe"
sh=63C343DD349A53EFB1A09308A38382B95C8F9EFA ft=1 fh=bc25cad254a3c614 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L1548Y3R\services-x86[1].exe"

SecurityCheck
Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 45 
 Java version out of Date!
 Adobe Flash Player 13.0.0.214 
 Adobe Reader 9 
 Adobe Reader XI 
 Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Sony (administrator) on SONY-VAIO on 17-06-2014 10:32:08
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {0d4997ff-facb-11e2-b9d8-002643419b99} - G:\LGAutoRun.exe
HKU\S-1-5-21-2498480923-3533779338-1781523399-1000\...\MountPoints2: {d9b709bd-f708-11de-90a5-806e6f6e6963} - F:\data\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {B32F36EF-CF66-48D0-B0BE-384D75573BFA} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {DE4A6AE1-B534-4189-B0B5-4326DFF511CB} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
SearchScopes: HKCU - {EA15911A-2C90-4CBE-B652-B7AA38F54D8D} URL = hxxp://services.zinio.com/search?s={selection}&rf=sonyslices
SearchScopes: HKCU - {ED3733E5-E045-4FC3-93DA-0E4074705215} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&rlz=1I7SUNC_deDE356
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default
FF NewTab: about:home
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\abs@avira.com [2014-06-07]
FF Extension: Ghostery - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\firefox@ghostery.com.xpi [2014-05-09]
FF Extension: GMX MailCheck - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\toolbar@gmx.net.xpi [2011-12-28]
FF Extension: Adblock Plus - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\s4s6avor.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-11]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-08-28] (Macrovision Europe Ltd.) [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [312136 2010-09-27] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 09:05 - 2014-06-17 09:02 - 00854367 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2014-06-17 09:05 - 2014-06-17 09:01 - 02347384 _____ (ESET) C:\Users\Sony\Desktop\esetsmartinstaller_deu.exe
2014-06-15 21:28 - 2014-06-15 21:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 21:28 - 2014-06-15 21:18 - 01016261 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2014-06-15 21:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 21:21 - 2014-06-15 21:23 - 00000000 ____D () C:\AdwCleaner
2014-06-15 19:57 - 2014-06-15 19:57 - 00001268 _____ () C:\Users\Sony\Desktop\Revo Uninstaller.lnk
2014-06-15 19:57 - 2014-06-15 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-15 19:57 - 2014-06-15 19:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sony\Downloads\revosetup95.exe
2014-06-15 16:14 - 2014-06-15 16:14 - 00454528 _____ () C:\Windows\Minidump\061514-73008-01.dmp
2014-06-15 14:49 - 2014-06-17 10:32 - 00000000 ____D () C:\FRST
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 13:17 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-15 13:17 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-15 13:16 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-15 13:16 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-15 13:16 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-15 13:16 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-15 13:16 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-15 13:16 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-15 13:16 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-15 13:16 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-15 13:16 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-15 13:16 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-15 13:16 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-15 13:16 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-15 13:16 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-15 13:16 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-15 13:16 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-15 13:16 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-15 13:16 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-15 13:16 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-15 13:16 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-15 13:16 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-15 13:16 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-15 13:16 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-15 13:16 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-15 13:16 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-15 13:16 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-15 13:16 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-15 13:16 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-15 13:16 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-15 13:16 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-15 13:16 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-15 13:16 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-15 13:16 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-15 13:16 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-15 13:16 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-15 13:16 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-15 13:16 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-15 13:16 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-15 13:16 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-15 13:16 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 20:10 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 20:52 - 2014-06-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 20:47 - 2014-06-15 20:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 20:45 - 2014-06-14 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-11 20:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-11 20:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 15:58 - 2014-06-11 21:07 - 00000000 ____D () C:\temp
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:49 - 2014-05-25 09:51 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

==================== One Month Modified Files and Folders =======

2014-06-17 10:32 - 2014-06-15 14:49 - 00000000 ____D () C:\FRST
2014-06-17 10:32 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony\AppData\Local\Temp
2014-06-17 10:28 - 2012-03-30 09:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 10:18 - 2009-10-08 08:57 - 01785017 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 10:10 - 2010-01-30 20:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 09:14 - 2009-10-08 09:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6173D358-3C57-47CA-8936-3CEC92355946}
2014-06-17 09:12 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 09:12 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 09:07 - 2013-03-17 21:12 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-06-17 09:07 - 2013-03-17 21:12 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-06-17 09:04 - 2010-01-30 20:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 09:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 09:03 - 2009-08-28 13:20 - 00792724 _____ () C:\Windows\PFRO.log
2014-06-17 09:03 - 2009-07-14 06:51 - 00314892 _____ () C:\Windows\setupact.log
2014-06-17 09:02 - 2014-06-17 09:05 - 00854367 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2014-06-17 09:01 - 2014-06-17 09:05 - 02347384 _____ (ESET) C:\Users\Sony\Desktop\esetsmartinstaller_deu.exe
2014-06-15 22:23 - 2013-11-04 12:04 - 00000000 __SHD () C:\Users\Sony\wc
2014-06-15 21:28 - 2014-06-15 21:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-15 21:24 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-06-15 21:23 - 2014-06-15 21:21 - 00000000 ____D () C:\AdwCleaner
2014-06-15 21:18 - 2014-06-15 21:28 - 01016261 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2014-06-15 20:57 - 2014-06-11 20:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-15 19:57 - 2014-06-15 19:57 - 00001268 _____ () C:\Users\Sony\Desktop\Revo Uninstaller.lnk
2014-06-15 19:57 - 2014-06-15 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-15 19:56 - 2014-06-15 19:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sony\Downloads\revosetup95.exe
2014-06-15 16:14 - 2014-06-15 16:14 - 00454528 _____ () C:\Windows\Minidump\061514-73008-01.dmp
2014-06-15 16:14 - 2009-12-01 15:55 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 16:13 - 2009-12-01 15:55 - 669268096 _____ () C:\Windows\MEMORY.DMP
2014-06-15 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-15 14:44 - 2014-06-15 14:44 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2014-06-15 14:44 - 2009-10-08 08:57 - 00000000 ____D () C:\Users\Sony
2014-06-15 14:15 - 2009-07-14 19:58 - 00699712 _____ () C:\Windows\system32\perfh007.dat
2014-06-15 14:15 - 2009-07-14 19:58 - 00149820 _____ () C:\Windows\system32\perfc007.dat
2014-06-15 14:15 - 2009-07-14 07:13 - 01620812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 14:08 - 2013-08-15 21:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-15 14:07 - 2009-11-02 20:58 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-15 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 14:04 - 2014-05-06 21:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-06-15 13:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-14 22:52 - 2014-06-11 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:52 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 22:52 - 2013-11-04 12:04 - 00000000 ____D () C:\Users\Sony\AppData\Local\Ubisoft
2014-06-14 22:52 - 2009-10-08 09:00 - 00000000 ____D () C:\Users\Sony\AppData\Local\Sony_Corporation
2014-06-14 22:52 - 2009-08-18 20:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-12 21:07 - 2014-06-12 21:07 - 00007686 _____ () C:\WirelessDiagLog.csv
2014-06-12 19:59 - 2012-07-30 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-06-11 21:07 - 2014-06-08 15:58 - 00000000 ____D () C:\temp
2014-06-11 20:55 - 2014-05-10 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 20:45 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-11 20:29 - 2009-11-02 20:38 - 00000000 ____D () C:\ProgramData\Google
2014-06-11 20:29 - 2009-10-08 09:01 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2014-06-11 20:29 - 2009-08-28 12:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-11 20:27 - 2009-10-08 08:58 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 20:26 - 2014-06-11 20:26 - 00001076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-11 20:26 - 2014-03-08 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-11 20:26 - 2014-03-08 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 20:26 - 2011-10-16 20:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-08 17:49 - 2011-12-04 17:41 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-08 17:49 - 2011-12-04 17:41 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-08 17:49 - 2009-10-08 08:59 - 00001425 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-08 17:43 - 2009-10-08 08:58 - 00096240 _____ () C:\Users\Sony\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 17:42 - 2009-07-14 06:45 - 00402920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-08 17:38 - 2013-11-04 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
2014-06-08 17:38 - 2009-08-28 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners
2014-06-08 15:59 - 2014-06-08 15:59 - 00000000 ____D () C:\Users\Sony\AppData\Local\com
2014-06-08 11:13 - 2014-06-15 13:17 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-15 13:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 20:24 - 2014-03-08 20:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-03 20:24 - 2014-03-08 20:56 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-31 18:40 - 2009-11-02 23:08 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2014-05-30 12:21 - 2014-06-15 13:16 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-15 13:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-15 13:16 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-15 13:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-15 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-15 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-15 13:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-15 13:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 20:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-15 13:16 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-15 13:16 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-15 13:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-15 13:16 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-15 13:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-15 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-15 13:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-15 13:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-15 13:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-15 13:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-15 13:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-15 13:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-15 13:16 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-15 13:16 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-15 13:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-15 13:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-15 13:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-15 13:16 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-15 13:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-15 13:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-15 13:16 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-15 13:16 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-15 13:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-15 13:16 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-15 13:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-15 13:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-15 13:16 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-15 13:16 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-15 13:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-15 13:16 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-15 13:16 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-15 13:16 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-15 13:16 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-15 13:16 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-15 13:16 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-15 13:16 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-15 13:16 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2014-05-27 21:17 - 2014-05-27 21:17 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2014-05-25 13:17 - 2014-05-25 13:17 - 00138422 _____ () C:\Users\Sony\Desktop\steuer 2013.ESt2013
2014-05-25 09:53 - 2014-05-25 09:53 - 00000000 ____D () C:\Users\Sony\Documents\Steuerfälle
2014-05-25 09:52 - 2014-05-25 09:52 - 00000000 ____D () C:\Program Files (x86)\AAVUpdateManager
2014-05-25 09:51 - 2014-05-25 09:51 - 00001896 _____ () C:\Users\Public\Desktop\Steuer-Sparer 2014.lnk
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\Users\Sony\AppData\Local\AAV
2014-05-25 09:51 - 2014-05-25 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2014
2014-05-25 09:51 - 2014-05-25 09:49 - 00000000 ____D () C:\Program Files (x86)\Steuer-Sparer 2014
2014-05-25 09:48 - 2014-05-25 09:48 - 00000000 ____D () C:\ProgramData\AAV
2014-05-24 20:36 - 2012-12-03 23:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-22 20:22 - 2011-06-16 20:38 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-22 20:21 - 2014-05-22 20:21 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-22 20:21 - 2009-08-28 12:59 - 00000000 ____D () C:\Program Files\Sony
2014-05-22 20:21 - 2009-08-18 18:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 20:19 - 2010-01-01 19:08 - 00000000 ____D () C:\Update

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\avgnt.exe
C:\Users\Sony\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 17:22

==================== End Of Log ============================
--- --- ---

schrauber 17.06.2014 10:59
Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\$Recycle.Bin

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

bdon 17.06.2014 15:01
Hallo Schrauber,

Fixlist.txt
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-06-2014
Ran by Sony at 2014-06-17 15:39:20 Run:3
Running from G:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
c:\$Recycle.Bin
*****************

c:\$Recycle.Bin => Moved successfully.

==== End of Fixlog ====
Ich würde noch gerne wissen, wo genau die Problematik beim Aufbau einer Webanfrage lag. War meine Vermutung mit dem beschädigten WinSock richtig?

:party: Danke und nochmal ein fettes Danke! :party:


P.S. der Link Bill Castner ( MVP ) ist falsch oder nicht mehr vorhanden.

schrauber 18.06.2014 09:18
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131