Trojaner-Board
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win7: werde regelmäßig auf Desktop geschmissen, Programm öffnet und schließt sich kurz in Programmleiste (https://www.trojaner-board.de/163771-win7-regelmaessig-desktop-geschmissen-programm-oeffnet-schliesst-kurz-programmleiste.html)

Warlord711 19.02.2015 13:49
Ok, während ich das Log anschaue, hast du denn mal die Anweisung zu Chrome durchgeführt ? Lt. Farbar soll die neueste FRST Version von gestern auch auf deinem Rechner laufen ;-)

Warlord711 19.02.2015 14:07
Kannst du wg. dem Drucker mal folgendes deaktivieren:
  • Start\Systemsteuerung\Netzwerk und Internet\Netzwerk- und Freigabecenter, dort dann auf Erweiterte Freigabeeinstellungen ändern klicken
  • Beim Punkt "Netzwerkerkennung" die Option auf Netzwerkerkennung ausschalten umstellen

Und dann schauen ob das Verhalten sich ändert.

LarryPerkins 19.02.2015 16:19
HA! Es klappt tatsächlich.
Netzwerkfreigabe war ausgeschaltet... hab aber das von den Druckern auch deaktiviert.

Hier also endlich das Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by XXX YYY at 2015-02-19 16:15:52
Running from C:\Users\XXX YYY\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Grand Steps, Step 1: What Ancients Begat (HKLM-x32\...\Steam App 238930) (Version:  - Mousechief)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apowersoft kostenloser Bildschirmrekorder V1.4.0 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.4.0 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Audials (HKLM-x32\...\{D928A4B7-126D-47B6-AD76-9848E51E1426}) (Version: 10.2.14807.700 - Audials AG)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bad Hotel (HKLM-x32\...\Steam App 231720) (Version:  - Lucky Frame)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\Steam App 3300) (Version:  - PopCap Games, Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Chainsaw Warrior (HKLM-x32\...\Steam App 251710) (Version:  - Auroch Digital)
Choice of the Deathless (HKLM-x32\...\Steam App 318310) (Version:  - Choice of Games)
Chuzzle Deluxe (HKLM-x32\...\Steam App 3310) (Version:  - PopCap Games, Inc.)
Cinders (HKLM-x32\...\Steam App 293680) (Version:  - MoaCube)
Cisco WebEx Meetings (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Dead Man's Draw (HKLM-x32\...\Steam App 262450) (Version:  - Stardock Entertainment)
Death Skid Marks (HKLM-x32\...\Steam App 326150) (Version:  - Studio Whisky Tango Inc.)
Deinst. f. Druckertreiber UFR II (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gods Will Be Watching (HKLM-x32\...\Steam App 274290) (Version:  - Deconstructeam)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoXXXeeting 6.0.0.1259 (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\GoXXXeeting) (Version: 6.0.0.1259 - CitrixOnline)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (HKLM\...\{EF3293DE-FCAC-4742-91BF-AD0174143FC3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Hilfe (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iMindMap 6 (HKLM-x32\...\{C5711BC2-2E1C-4556-9922-02BF2865A5EE}) (Version: 6.0.617 - ThinkBuzan)
Insaniquarium! Deluxe (HKLM-x32\...\Steam App 3320) (Version:  - PopCap Games, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.68.55 - Huawei Technologies Co.,Ltd)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
julitecCRM 7.5 (HKLM-x32\...\julitecCRM_is1) (Version:  - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Long Live The Queen (Demo) 1.0 (HKLM-x32\...\Long Live The Queen_is1) (Version:  - Hanako Games)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version:  - Vlambeer)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{6619085B-A9D5-4DDD-800B-964903EAF546}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monster Loves You! (HKLM-x32\...\Steam App 226740) (Version:  - Radial Games Corp)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Plush (HKLM-x32\...\Steam App 341820) (Version:  - Red Head Games)
Protector Suite 2009 (HKLM\...\{0F841121-4DB6-4B31-839F-7F5AB3BB3423}) (Version: 5.9.3.6321 - UPEK Inc.)
Psy High (HKLM-x32\...\Steam App 339510) (Version:  - Choice of Games)
Puzzle Quest (HKLM-x32\...\Steam App 12500) (Version:  - D3)
Qualcomm Gobi 2000 Package for Sony (HKLM-x32\...\{1F4E59C0-EE31-47EE-BCC3-1A73C3F023BF}) (Version: 1.1.160 - QUALCOMM)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6028 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
simfy (HKLM-x32\...\Simfy) (Version: 1.7.6 - simfy AG)
simfy (x32 Version: 1.7.6 - simfy AG) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sokobond (HKLM-x32\...\Steam App 290260) (Version:  - Alan Hazelden)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TBBackup 2 (Freiversion) (HKLM-x32\...\DED9B6BE-2B04-4799-A88F-8BBF4D114AAF_is1) (Version: 2 - Priotecs IT GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Bridge (HKLM-x32\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
Thieves' Gambit: Curse of the Black Cat (HKLM-x32\...\Steam App 328550) (Version:  - Choice of Games)
Thirty Flights of Loving (HKLM-x32\...\Steam App 214700) (Version:  - Blendo Games)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TOP (HKLM\...\TOP) (Version: 2.1.1.0 - mediMACH GmbH & Co. KG)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.0.06080 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version:  - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.0.300.23587 - Vodafone)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Wondershare Dr.Fone for Android(Build 4.8.1.136) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 4.8.1.136 - Wondershare Software Co.,Ltd.)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== CusXXX CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Citrix\GoXXXeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

17-02-2015 00:15:44 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-16 16:28 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07003042-FCBF-4E03-9084-D7217B6EC518} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {0F0A4936-B027-44CB-B669-5B9F92B3F192} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {0FDA89CB-57A1-40E2-9EA8-C4433EDA0076} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {187BF442-5A85-44DE-9CC7-0241C7AC7642} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {1A5ED98B-E26E-4F78-8E49-5AAF4F656B37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {1FA704D2-62BF-43D6-840A-2D4F9786E076} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {2CE11264-F006-4465-8975-FA2EA0245B3D} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {2D0606BE-BE7B-4C6F-942C-07B45CBB4D01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {367F27E4-A729-4EB5-80C6-6B08FE47DB1F} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {402882DC-CDFE-49E2-A954-3F809F37851D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {413513C7-60B9-4045-8171-6A8D9EBDD495} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {568B3CF3-0B50-4A11-9478-284D3A055670} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {576BD409-939A-4F67-B3ED-0E82591D6BF3} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {61B8DD12-39BF-4BBF-B084-8F92D5F3A324} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {8064F21C-7DCF-4763-9DBF-7722C2057EC9} - System32\Tasks\Microsoft\Office\Office AuXXXatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {80EF32D9-20FD-4C21-9265-C33EBCE1A4FD} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {81A39738-5497-488C-8C74-6567DD8AAD4B} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {85FB3BD6-50D8-4849-9EBA-D1986B341972} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {888841F4-9762-4C71-B89D-B7EDB973865A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {89E6205E-831F-4B74-BF7B-3026B6E6B365} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {941F4092-FB9C-45CD-A9C2-B169B06301AE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {9F25FF11-44D1-4805-9E91-03529AA0C68C} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {B770129E-F306-434C-B31D-A16B84710116} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {BDDACF5E-FAE8-4757-B563-36FD9129FE8B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C8E76728-2150-4BA0-B8A4-312038C6D67C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {C9569DB7-51E7-4271-825E-5D767A82801B} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {CDEE1781-E40E-48A6-AF87-12F74E527282} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D82BD1C7-8232-4603-BFFC-6C038A5B5C53} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {DBB38736-AA50-4AD2-9F1F-C2365E1C0309} - System32\Tasks\Microsoft Office 15 Sync Maintenance for XXXYYY-VAIO-XXX YYY XXXYYY-VAIO => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {E0069895-C592-4682-9B56-15AF40694CCF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E21FD473-244F-4C5F-A416-6E806AADD30D} - System32\Tasks\{AA8032E1-7990-40E7-9D86-A05BAD4EA3DB} => pcalua.exe -a "C:\Program Files (x86)\QT Lite\QTSystem\quicktime.cpl"
Task: {EA1DFED2-7347-45D2-9332-8F46642B0487} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {EAB4BD7C-A20A-4956-B70F-B8FB3C9F2A3C} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {F8544C8C-401A-4588-9992-5F23AC4E6FD4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-05-02 11:19 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-09-17 18:11 - 2011-06-17 12:04 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2007-02-12 20:51 - 2007-02-12 20:51 - 01111552 _____ () C:\Program Files (x86)\FastStone Capture\FSCapture.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-13 02:49 - 2014-06-20 07:42 - 00401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2013-10-02 09:38 - 2011-06-17 12:04 - 01434464 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-09-17 18:11 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-09-17 18:11 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-09-17 18:11 - 2010-05-05 09:47 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-09-17 18:11 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-03-19 16:48 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-03-19 16:48 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 22:02 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-03-29 10:53 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-25 11:37 - 2014-09-25 11:37 - 00081056 _____ () C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-09-25 11:37 - 2014-09-25 11:37 - 00081056 _____ () C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-19 11:43 - 2015-02-19 11:43 - 00043008 _____ () c:\Users\XXX YYY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6av0gr.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-03-19 16:51 - 2013-03-19 16:51 - 00054784 _____ () C:\Program Files (x86)\Sony\Marketing Tools\Win32Interop.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-13 02:49 - 2014-03-04 12:20 - 00117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-13 02:49 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2014-10-13 02:49 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-13 02:49 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-13 02:49 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2013-03-26 15:16 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-26 15:48 - 2014-11-18 14:08 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-01-29 14:05 - 2015-01-29 14:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-12-08 18:04 - 2014-12-08 18:04 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-07-19 21:49 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-17 18:11 - 2010-02-10 15:43 - 09515520 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtGui4.dll
2013-10-02 09:38 - 2012-10-08 02:41 - 00082944 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qgif4.dll
2013-10-02 09:38 - 2012-10-08 02:41 - 00081920 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qico4.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7C784982

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no auXXXatic fix for this section.)

HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no auXXXatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3557091032-3563988234-1886976076-500 - Administrator - Disabled)
Gast (S-1-5-21-3557091032-3563988234-1886976076-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3557091032-3563988234-1886976076-1002 - Limited - Enabled)
XXX YYY (S-1-5-21-3557091032-3563988234-1886976076-1000 - Administrator - Enabled) => C:\Users\XXX YYY

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/19/2015 11:43:23 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
  bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (02/19/2015 11:42:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe9331aa71
ID des fehlerhaften Prozesses: 0x1d50
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (02/19/2015 11:42:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/19/2015 10:48:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/19/2015 10:48:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/19/2015 10:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_WbioSrvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0x80004004
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x1264
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_WbioSrvc0
Pfad der fehlerhaften Anwendung: svchost.exe_WbioSrvc1
Pfad des fehlerhaften Moduls: svchost.exe_WbioSrvc2
Berichtskennung: svchost.exe_WbioSrvc3

Error: (02/18/2015 09:11:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe9284aa71
ID des fehlerhaften Prozesses: 0x370
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3


System errors:
=============
Error: (02/19/2015 11:43:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/19/2015 11:43:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/19/2015 11:43:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/19/2015 11:43:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/19/2015 10:14:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/19/2015 10:14:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (02/19/2015 10:08:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Biometriedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/18/2015 09:11:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/18/2015 09:11:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/18/2015 09:11:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/19/2015 11:48:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/19/2015 11:43:23 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
  bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (02/19/2015 11:42:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c0000005000007fe9331aa711d5001d04b54180c070fC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown06859bd1-b824-11e4-8007-0024bed7ff33

Error: (02/19/2015 11:42:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/19/2015 10:48:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\Downloads\esetsmartinstaller_deu(1).exe

Error: (02/19/2015 10:48:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\Downloads\esetsmartinstaller_deu.exe

Error: (02/19/2015 10:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_WbioSrvc6.1.7600.163854a5bc3c1KERNELBASE.dll6.1.7601.184095315a05a80004004000000000000940d126401d04b535cef8de8C:\Windows\system32\svchost.exeC:\Windows\system32\KERNELBASE.dlle599669c-b816-11e4-8007-0024bed7ff33

Error: (02/18/2015 09:11:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c0000005000007fe9284aa7137001d049feca3127c3C:\Program Files\Sony\VAIO Care\VCAgent.exeunknownb477e860-b745-11e4-bdba-0024bed7ff33


CodeIntegrity Errors:
===================================
  Date: 2015-02-09 21:07:05.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-09 21:07:05.655
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 74%
Total physical RAM: 3765.82 MB
Available physical RAM: 972.47 MB
Total Pagefile: 7529.83 MB
Available Pagefile: 3634.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.17 GB) (Free:11.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 720CB564)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Und das FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by XXX YYY (administrator) on XXXYYY-VAIO on 19-02-2015 16:13:26
Running from C:\Users\XXX YYY\Desktop
Loaded Profiles: XXX YYY (Available profiles: XXX YYY)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvservice.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(UPEK Inc.) C:\Program Files\Protector Suite\psqltray.exe
(Microsoft Corporation) C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
( ) C:\Users\XXX YYY\Desktop\VEW.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\XXX YYY\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9962016 2010-06-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2010-03-01] (Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite\launcher.exe [84744 2010-04-27] (UPEK Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [253440 2010-05-18] (Vodafone)
HKLM-x32\...\Run: [MarketingTools] => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2013-03-19] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [SkyDrive] => C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [GoogleChromeAutoLaunch_550EDA027B4B11347618D98EDCBB3ADF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()
Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {3617BCD7-E991-4BB5-8542-09A0B20EE913} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {794C16B2-C354-42CB-8212-172F5BD771B6} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {A70EC677-F517-45E6-831A-E87104D7AC0B} URL = hxxp://de.shopping.com/?linkin_id=8056363
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{876E33B5-EE1E-4322-8F79-79EB6087A1E2}: [NameServer] 
Tcpip\..\Interfaces\{AA2DF348-6AB3-482F-A8BC-41E89158A468}: [NameServer] 10.74.210.210 10.74.210.211

FireFox:
========
FF ProfilePath: C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*'))%20%7B%20return%20'PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\XXX YYY\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3557091032-3563988234-1886976076-1000: @citrixonline.com/appdetectorplugin -> C:\Users\XXX YYY\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-3557091032-3563988234-1886976076-1000: LWAPlugin15.8 -> C:\Users\XXX YYY\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\searchplugins\translate-korean-to-english.xml
FF Extension: ProxMate - C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-09]
FF Extension: TinEye Reverse Image Search - C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\Extensions\tineye@ideeinc.com.xpi [2013-03-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5ABA002710DD58F0&affID=119357&tsp=4958"
CHR Profile: C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-10-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (Avira Browser Safety) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-11]
CHR Extension: (Helium Backup) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Profile: C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (BetterTTV) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (YouTube) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Avira Browser Safety) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation)
R2 QDLService2kSony; c:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [332024 2010-06-03] (QUALCOMM, Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2010-05-18] (Vodafone) [File not signed]
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0067591363772028mcinstcleanup; C:\Windows\TEMP\006759~1.EXE -cleanup -nolog [X]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 qcfiltersny2k; C:\Windows\System32\DRIVERS\qcfiltersny2k.sys [6400 2010-06-03] (QUALCOMM Incorporated)
S3 qcombussny; C:\Windows\System32\DRIVERS\qcombussny.sys [137800 2010-06-03] (MCCI)
S3 qcusbnetsny2k; C:\Windows\System32\DRIVERS\qcusbnetsny2k.sys [442368 2010-06-03] (QUALCOMM Incorporated)
S3 qcusbsersny2k; C:\Windows\System32\DRIVERS\qcusbserSny2k.sys [230784 2010-06-03] (QUALCOMM Incorporated)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [35496 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-12-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 16:12 - 2015-02-19 16:12 - 02086912 _____ (Farbar) C:\Users\XXX YYY\Desktop\FRST64(1).exe
2015-02-19 11:50 - 2015-02-19 13:18 - 00053044 _____ () C:\vew.txt
2015-02-19 11:49 - 2015-02-19 11:49 - 00000000 _____ () C:\test.txt
2015-02-19 11:41 - 2015-02-19 11:41 - 00000000 _____ () C:\Users\XXX YYY\Documents\vew.txt
2015-02-19 10:48 - 2015-02-19 10:48 - 00061440 _____ ( ) C:\Users\XXX YYY\Desktop\VEW.exe
2015-02-19 10:14 - 2015-02-19 10:14 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Steam
2015-02-18 09:31 - 2015-02-18 09:32 - 85509932 _____ () C:\Users\XXX YYY\Desktop\User Data.rar
2015-02-16 16:05 - 2015-02-16 16:05 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-XXXYYY-VAIO-Windows-7-Professional-(64-bit).dat
2015-02-16 16:05 - 2015-02-16 16:05 - 00000000 ____D () C:\RegBackup
2015-02-16 15:33 - 2015-02-16 16:08 - 00002107 _____ () C:\Users\XXX YYY\Documents\settings.ini
2015-02-16 15:33 - 2015-02-07 10:03 - 02172160 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\Repair_Windows.exe
2015-02-16 15:33 - 2015-01-26 19:07 - 00014396 _____ () C:\Users\XXX YYY\Documents\file_list.txt
2015-02-16 15:33 - 2014-12-23 14:04 - 00000000 ____D () C:\Users\XXX YYY\Documents\color_presets
2015-02-16 15:33 - 2014-11-11 05:07 - 00000000 ____D () C:\Users\XXX YYY\Documents\repairs_info
2015-02-16 15:33 - 2014-10-20 23:13 - 00000000 ____D () C:\Users\XXX YYY\Documents\files
2015-02-16 15:33 - 2014-10-02 01:32 - 00005447 _____ () C:\Users\XXX YYY\Documents\Repair_Windows.exe.manifest
2015-02-16 15:33 - 2014-08-25 21:02 - 00852960 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\TweakingImgCtl.ocx
2015-02-16 15:33 - 2014-04-03 22:54 - 00271328 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\tweaking_com_treeview.ocx
2015-02-16 15:33 - 2014-04-03 22:54 - 00234464 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\tweaking_tabs.ocx
2015-02-16 15:33 - 2013-09-04 10:16 - 00118841 _____ (Unicontsoft) C:\Users\XXX YYY\Documents\VszLib.dll
2015-02-16 15:33 - 2011-04-18 19:54 - 00277504 _____ (Igor Pavlov) C:\Users\XXX YYY\Documents\7za.dll
2015-02-16 15:33 - 2009-03-24 20:52 - 00136008 _____ (Microsoft Corporation) C:\Users\XXX YYY\Documents\msinet.ocx
2015-02-16 15:33 - 2003-01-26 22:41 - 00040960 _____ (vbAccelerator) C:\Users\XXX YYY\Documents\SSubTmr6.dll
2015-02-16 15:32 - 2015-02-16 15:32 - 10215062 _____ () C:\Users\XXX YYY\Downloads\tweaking.com_windows_repair_aio.zip
2015-02-12 17:25 - 2015-02-12 17:26 - 00000000 ____D () C:\Users\XXX YYY\Documents\Apowersoft Free Screen Recorder
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Apowersoft
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2015-02-12 17:24 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2015-02-12 17:24 - 2014-04-09 20:50 - 00443568 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2015-02-12 17:24 - 2014-04-09 20:50 - 00271536 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2015-02-12 17:24 - 2014-04-09 20:50 - 00181424 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2015-02-12 17:23 - 2015-02-12 17:23 - 01203488 _____ () C:\Users\XXX YYY\Downloads\Screen Recorder - CHIP-Installer.exe
2015-02-12 13:41 - 2015-02-12 13:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-12 13:39 - 2015-02-12 13:40 - 02347384 _____ (ESET) C:\Users\XXX YYY\Downloads\esetsmartinstaller_deu(1).exe
2015-02-12 13:37 - 2015-02-12 13:37 - 02347384 _____ (ESET) C:\Users\XXX YYY\Downloads\esetsmartinstaller_deu.exe
2015-02-12 11:35 - 2015-02-12 11:35 - 00139290 _____ () C:\Users\XXX YYY\Desktop\OTL Extras.Txt
2015-02-12 11:17 - 2015-02-12 11:36 - 00146944 _____ () C:\Users\XXX YYY\Desktop\OTL.Txt
2015-02-12 11:17 - 2015-02-12 11:17 - 00139534 _____ () C:\Users\XXX YYY\Desktop\Extras.Txt
2015-02-12 10:56 - 2015-02-12 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\XXX YYY\Desktop\OTL.exe
2015-02-11 15:35 - 2015-02-11 15:35 - 00001008 _____ () C:\Users\XXX YYY\Desktop\checkup.txt
2015-02-11 15:25 - 2015-02-11 16:04 - 00000000 ____D () C:\Users\XXX YYY\Desktop\FRST-OlderVersion
2015-02-11 15:18 - 2015-02-11 15:18 - 00852594 _____ () C:\Users\XXX YYY\Desktop\SecurityCheck.exe
2015-02-10 16:21 - 2015-02-19 16:15 - 00032622 _____ () C:\Users\XXX YYY\Desktop\FRST.txt
2015-02-10 16:04 - 2015-02-10 16:04 - 00039026 _____ () C:\Users\XXX YYY\Desktop\HitmanPro_20150210_1603.log
2015-02-09 23:05 - 2015-02-09 23:05 - 11225840 _____ (SurfRight B.V.) C:\Users\XXX YYY\Downloads\HitmanPro_x64.exe
2015-02-09 21:15 - 2015-02-09 21:15 - 00039064 _____ () C:\ComboFix.txt
2015-02-09 20:56 - 2015-02-09 21:15 - 00000000 ____D () C:\Qoobox
2015-02-09 20:56 - 2015-02-09 21:13 - 00000000 ____D () C:\Windows\erdnt
2015-02-09 20:56 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-09 20:56 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-09 20:56 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-09 20:54 - 2015-02-09 20:55 - 05611930 ____R (Swearware) C:\Users\XXX YYY\Desktop\ComboFix.exe
2015-02-09 20:54 - 2015-02-09 20:54 - 05611930 _____ (Swearware) C:\Users\XXX YYY\Downloads\ComboFix.exe.part
2015-02-09 19:21 - 2015-02-09 19:21 - 02132992 _____ (Farbar) C:\Users\XXX YYY\Downloads\FRST64.exe
2015-02-09 18:04 - 2015-02-09 18:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-09 18:03 - 2015-02-09 18:21 - 00000000 ____D () C:\Users\XXX YYY\Desktop\mbar
2015-02-09 18:02 - 2015-02-09 18:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\XXX YYY\Downloads\mbar-1.08.3.1004.exe
2015-02-09 17:59 - 2015-02-09 17:59 - 00000000 ____D () C:\ProgramData\OnlineUpdate
2015-02-09 17:59 - 2015-02-09 17:59 - 00000000 ____D () C:\ProgramData\log
2015-02-09 17:23 - 2015-02-09 17:23 - 01124352 _____ (Farbar) C:\Users\XXX YYY\Downloads\FRST.exe
2015-02-09 15:05 - 2015-02-09 15:05 - 00442624 _____ () C:\Windows\Minidump\020915-9968-01.dmp
2015-02-09 12:53 - 2015-02-09 12:55 - 00042052 _____ () C:\Users\XXX YYY\Desktop\GMER.log
2015-02-09 12:40 - 2015-02-09 12:40 - 00268832 _____ () C:\Windows\Minidump\020915-10140-01.dmp
2015-02-09 12:29 - 2015-02-09 12:57 - 00149082 _____ () C:\Users\XXX YYY\Desktop\Trojanerboad Forumpost 090215.txt
2015-02-09 12:29 - 2015-02-09 12:29 - 00000869 _____ () C:\Users\XXX YYY\Desktop\Anleitung GMER.txt
2015-02-09 12:28 - 2015-02-09 12:28 - 00064922 _____ () C:\Users\XXX YYY\Downloads\Trojanerboad Forumpost 090215.txt
2015-02-09 12:23 - 2015-02-09 12:26 - 00001097 _____ () C:\Users\XXX YYY\Desktop\Malwarebytes Scan after Malwarebytes Removal.txt
2015-02-09 12:21 - 2015-02-09 12:30 - 00003827 _____ () C:\Users\XXX YYY\Desktop\Malwarebytes Scan.txt
2015-02-09 12:18 - 2015-02-09 12:18 - 00380416 _____ () C:\Users\XXX YYY\Downloads\Gmer-19357.exe
2015-02-09 12:01 - 2015-02-10 14:51 - 00024881 _____ () C:\Users\XXX YYY\Downloads\FRST.txt
2015-02-09 12:00 - 2015-02-19 16:13 - 00000000 ____D () C:\FRST
2015-02-09 11:58 - 2015-02-09 12:28 - 00000470 _____ () C:\Users\XXX YYY\Downloads\defogger_disable.log
2015-02-09 11:58 - 2015-02-09 11:58 - 00000000 _____ () C:\Users\XXX YYY\defogger_reenable
2015-02-09 11:57 - 2015-02-09 11:57 - 00050477 _____ () C:\Users\XXX YYY\Downloads\Defogger.exe
2015-02-09 09:49 - 2015-02-09 13:04 - 00003028 _____ () C:\Users\XXX YYY\Desktop\JRT.txt
2015-02-09 09:43 - 2015-02-09 09:43 - 01388274 _____ (Thisisu) C:\Users\XXX YYY\Downloads\JRT.exe
2015-02-09 09:37 - 2015-02-09 09:41 - 00000000 ____D () C:\AdwCleaner
2015-02-09 09:37 - 2015-02-09 09:37 - 02112512 _____ () C:\Users\XXX YYY\Downloads\AdwCleaner_4.110.exe
2015-02-07 08:01 - 2015-02-07 08:01 - 00262144 _____ () C:\Windows\Minidump\020715-11793-01.dmp
2015-02-05 17:20 - 2015-02-05 17:20 - 00000000 ____D () C:\Users\XXX YYY\Documents\Dungeon of the Endless
2015-02-05 16:56 - 2015-02-09 18:04 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-05 16:56 - 2015-02-09 18:03 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-05 16:56 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-05 16:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-05 16:55 - 2015-02-05 16:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\XXX YYY\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 15:20 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-04 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-04 15:20 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-04 15:20 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-04 15:20 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-04 15:20 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-04 15:20 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-04 15:20 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-04 15:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-04 15:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-04 15:20 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-04 15:20 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-04 15:20 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-04 15:20 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-02-04 15:20 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-03 15:00 - 2015-02-03 15:01 - 07811072 _____ () C:\Users\XXX YYY\Downloads\LWAPlugin64BitInstaller32.msi
2015-01-29 14:05 - 2015-01-29 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 16:42 - 2015-01-24 19:43 - 00000000 ____D () C:\ProgramData\Steam
2015-01-23 16:45 - 2015-01-23 16:45 - 00001169 _____ () C:\Users\Public\Desktop\VTech Download Manager.lnk
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\ProgramData\VTech
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\Program Files (x86)\VTech
2015-01-23 16:44 - 2015-01-23 16:45 - 20758664 _____ (VTech) C:\Users\XXX YYY\Downloads\Kidizoom1407_DE_ger_Setup.exe
2015-01-21 16:05 - 2015-01-21 16:05 - 00217384 _____ (Cisco WebEx LLC) C:\Users\XXX YYY\Downloads\eggits2_Awebex_Acom,eggits2-de,2077473508,-1093361774,MC,0-0,SDJTSwAAAAJeWSAuzW-CSBddk8nRdEnMuWSMwGr2g0C4q48zrQRhMg2_webex.exe
2015-01-21 15:56 - 2015-01-21 16:05 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\webex
2015-01-21 15:56 - 2015-01-21 15:56 - 00646648 _____ (Cisco WebEx LLC) C:\Users\XXX YYY\Downloads\Cisco_WebEx_Add-On.exe
2015-01-21 15:56 - 2015-01-21 15:56 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\WebEx
2015-01-21 15:56 - 2015-01-21 15:56 - 00000000 ____D () C:\ProgramData\WebEx
2015-01-20 14:11 - 2015-01-20 14:11 - 00359961 _____ () C:\Users\XXX YYY\Downloads\Dokument

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 16:13 - 2013-03-19 16:48 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 16:13 - 2013-03-19 16:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 16:11 - 2013-03-20 12:01 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Skype
2015-02-19 16:08 - 2013-03-20 11:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-19 16:08 - 2013-03-19 16:42 - 01834783 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 11:51 - 2013-03-19 17:01 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{74DD3A27-0DC4-4DEC-A150-6D12E280742E}
2015-02-19 11:49 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 11:49 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 11:48 - 2013-03-19 16:59 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\VirtualStore
2015-02-19 11:47 - 2013-03-19 16:35 - 00689352 _____ () C:\Windows\system32\perfh007.dat
2015-02-19 11:47 - 2013-03-19 16:35 - 00146652 _____ () C:\Windows\system32\perfc007.dat
2015-02-19 11:47 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 11:44 - 2014-05-02 11:30 - 00005170 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for XXXYYY-VAIO-XXX YYY XXXYYY-VAIO
2015-02-19 11:43 - 2014-05-02 11:27 - 00000000 ___RD () C:\Users\XXX YYY\OneDrive
2015-02-19 11:43 - 2013-04-02 10:55 - 00000000 ___RD () C:\Users\XXX YYY\Dropbox
2015-02-19 11:43 - 2013-04-02 10:51 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Dropbox
2015-02-19 11:43 - 2013-04-02 09:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-19 11:43 - 2010-07-19 21:44 - 00507252 _____ () C:\Windows\PFRO.log
2015-02-19 11:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 11:43 - 2009-07-14 05:51 - 00219326 _____ () C:\Windows\setupact.log
2015-02-16 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 16:34 - 2013-03-19 16:59 - 00117264 _____ () C:\Users\XXX YYY\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-16 16:34 - 2013-03-19 16:40 - 00000000 ____D () C:\Windows\CSC
2015-02-16 16:34 - 2009-07-14 08:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-16 16:34 - 2009-07-14 05:45 - 00446136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-16 16:28 - 2009-07-14 03:34 - 00000546 _____ () C:\Windows\win.ini
2015-02-16 15:45 - 2013-04-02 10:51 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 16:15 - 2014-11-25 07:59 - 00000000 ____D () C:\Program Files\Recuva
2015-02-12 15:27 - 2013-03-20 12:11 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Microsoft Help
2015-02-12 14:22 - 2013-04-02 10:14 - 00000000 ____D () C:\Users\XXX YYY\Documents\mobalo
2015-02-10 16:22 - 2013-12-06 11:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-10 16:22 - 2013-03-23 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-10 16:22 - 2013-03-23 22:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-09 21:15 - 2013-03-20 12:05 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Apps\2.0
2015-02-09 21:15 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-09 21:12 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-09 21:10 - 2009-07-14 03:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_795
2015-02-09 15:05 - 2013-03-23 17:07 - 00000000 ____D () C:\Windows\Minidump
2015-02-09 11:58 - 2013-03-19 16:59 - 00000000 ____D () C:\Users\XXX YYY
2015-02-08 16:08 - 2013-03-19 16:48 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-08 16:08 - 2013-03-19 16:48 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 17:19 - 2013-03-20 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-05 17:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2015-02-05 16:28 - 2013-03-20 11:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 16:28 - 2013-03-20 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 16:28 - 2013-03-20 11:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 15:31 - 2013-08-19 18:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-04 15:20 - 2013-03-20 11:10 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 12:08 - 2010-07-19 21:45 - 00626734 _____ () C:\Windows\DPINST.LOG
2015-02-02 12:07 - 2013-03-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-24 19:43 - 2014-12-12 18:11 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-01-21 18:27 - 2013-04-02 10:22 - 00000000 ____D () C:\Users\XXX YYY\.thinkbuzan
2015-01-21 18:26 - 2013-04-02 10:22 - 00000000 ____D () C:\ProgramData\ThinkBuzan
2015-01-21 18:26 - 2013-04-02 10:22 - 00000000 ____D () C:\ProgramData\JSoft

==================== Files in the root of some directories =======

2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\XXX YYY\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\XXX YYY\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\XXX YYY\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\XXX YYY\AppData\Local\No23 Recorder.exe
2013-09-13 13:59 - 2013-11-05 17:27 - 0001509 _____ () C:\Users\XXX YYY\AppData\Local\RecConfig.xml
2014-04-05 12:13 - 2014-04-05 12:13 - 0000017 _____ () C:\Users\XXX YYY\AppData\Local\resmon.resmoncfg
2013-03-20 12:05 - 2013-03-19 02:13 - 0000000 _____ () C:\Users\XXX YYY\AppData\Local\{8163A258-9D27-40E7-8400-AAC988DB596D}
2013-03-20 12:05 - 2013-03-19 02:13 - 0000000 _____ () C:\Users\XXX YYY\AppData\Local\{E0B5EB61-5E6A-4483-A017-B5D5359A35B3}
2014-01-07 17:28 - 2014-01-07 17:28 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-17 14:20 - 2010-05-17 14:20 - 0157382 ____R () C:\ProgramData\DeviceManager.xml.rc4

ZeroAccess:
C:\Users\XXX YYY\AppData\Local\{4fa287a5-a9e8-a902-8c66-f7e1d24caa8e}

Some content of TEMP:
====================
C:\Users\XXX YYY\AppData\Local\Temp\avgnt.exe
C:\Users\XXX YYY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6av0gr.dll


==================== Bamital & volsnap Check =================

(There is no auXXXatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-16 17:42

==================== End Of Log ============================
--- --- ---

Warlord711 19.02.2015 16:37
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Dein Java ist nicht mehr aktuell.
Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 8 Update 31 ) herunter laden.
  • Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Haken gesetzt ist und klicke OK.
  • Klicke erneut OK.
schneller Plugin-Test: PluginCheck


Bleiben die Drucker-Meldung jetzt aus ?

LarryPerkins 20.02.2015 10:01
Liste der Anhänge anzeigen (Anzahl: 1)
Wie Du im Anhang siehst (wieder mit nem Screenrecorder aufgenommen) ist das Problem immernoch da.


Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by XXX YYY at 2015-02-20 08:18:55 Run:2
Running from C:\Users\XXX YYY\Desktop
Loaded Profiles: XXX YYY (Available profiles: XXX YYY)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

==== End of Fixlog 08:18:55 ====

Warlord711 20.02.2015 11:54
Zitat:
Task: {187BF442-5A85-44DE-9CC7-0241C7AC7642} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Wirklich ?

Win 7 und Office 2010 kosten doch zusammen keine 100 € bei ebay.



Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, da wir ein solches Vorgehen nicht unterstützen. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.


Da die Bereinigung eh schon durch ist, kannst das bitte löschen, schon allein um es als Fehlerquelle auszuschliessen.

Oder läuft dann Windows nicht mehr ?

LarryPerkins 20.02.2015 11:58
Ich weiß nicht genau was Du meinst..? Ich nutze Office 2013 mit monatl. Gebühr und Windows 7 war bei meinem Rechner dabei? Das installiert sich sogar bei nem Rechner Wipe von selbst neu. Was soll ich da löschen?

Warlord711 20.02.2015 12:10
What is AutoKMS.exe? - Microsoft Community

Also AutoKMS oder KMSpico ist zu 99% ein Hinweis auf gecracktes Office und/oder Windows. Da du Office 2010 lt. Addition.txt installiert hast, gehe ich erstmal davon aus das es zu 99% gecrackt ist.

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    C:\Windows\AutoKMS.exe
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

LarryPerkins 20.02.2015 12:50
In C:\Windows gibt es keine AutoKMS.exe Datei.

Ja da ist tatsächlich noch Office 2010 drauf seh ich grad, aber das nutze ich schon lang nicht mehr. Ich hab das gerade deinstalliert, danke für den Hinweis. Woher ich das vor 5 Jahren hatte kann ich wirklich heute nicht mehr nachvollziehen, brauch es aber wie gesagt auch nicht.

Warlord711 20.02.2015 13:50
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
file: C:\Windows\AutoKMS.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

http://saved.im/mtg0mjy4yjlu/2014-04...ryscantool.png

LarryPerkins 20.02.2015 14:14
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Tom Rauhe at 2015-02-20 14:06:33 Run:3
Running from C:\Users\XXX\Desktop
Loaded Profiles: Tom Rauhe (Available profiles: Tom Rauhe)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
file: C:\Windows\AutoKMS.exe
*****************


========================= file: C:\Windows\AutoKMS.exe ========================

"C:\Windows\AutoKMS.exe" not found.
====== End Of File: ======


==== End of Fixlog 14:06:34 ====
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by XXX YYY at 2015-02-20 14:10:23
Running from C:\Users\XXX YYY\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Grand Steps, Step 1: What Ancients Begat (HKLM-x32\...\Steam App 238930) (Version:  - Mousechief)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apowersoft kostenloser Bildschirmrekorder V1.4.0 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.4.0 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Audials (HKLM-x32\...\{D928A4B7-126D-47B6-AD76-9848E51E1426}) (Version: 10.2.14807.700 - Audials AG)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bad Hotel (HKLM-x32\...\Steam App 231720) (Version:  - Lucky Frame)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\Steam App 3300) (Version:  - PopCap Games, Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Chainsaw Warrior (HKLM-x32\...\Steam App 251710) (Version:  - Auroch Digital)
Choice of the Deathless (HKLM-x32\...\Steam App 318310) (Version:  - Choice of Games)
Chuzzle Deluxe (HKLM-x32\...\Steam App 3310) (Version:  - PopCap Games, Inc.)
Cinders (HKLM-x32\...\Steam App 293680) (Version:  - MoaCube)
Cisco WebEx Meetings (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Dead Man's Draw (HKLM-x32\...\Steam App 262450) (Version:  - Stardock Entertainment)
Death Skid Marks (HKLM-x32\...\Steam App 326150) (Version:  - Studio Whisky Tango Inc.)
Deinst. f. Druckertreiber UFR II (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gods Will Be Watching (HKLM-x32\...\Steam App 274290) (Version:  - Deconstructeam)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoXXXeeting 6.0.0.1259 (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\GoXXXeeting) (Version: 6.0.0.1259 - CitrixOnline)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (HKLM\...\{EF3293DE-FCAC-4742-91BF-AD0174143FC3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Hilfe (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iMindMap 6 (HKLM-x32\...\{C5711BC2-2E1C-4556-9922-02BF2865A5EE}) (Version: 6.0.617 - ThinkBuzan)
Insaniquarium! Deluxe (HKLM-x32\...\Steam App 3320) (Version:  - PopCap Games, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.68.55 - Huawei Technologies Co.,Ltd)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
julitecCRM 7.5 (HKLM-x32\...\julitecCRM_is1) (Version:  - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Long Live The Queen (Demo) 1.0 (HKLM-x32\...\Long Live The Queen_is1) (Version:  - Hanako Games)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version:  - Vlambeer)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{6619085B-A9D5-4DDD-800B-964903EAF546}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monster Loves You! (HKLM-x32\...\Steam App 226740) (Version:  - Radial Games Corp)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Plush (HKLM-x32\...\Steam App 341820) (Version:  - Red Head Games)
Protector Suite 2009 (HKLM\...\{0F841121-4DB6-4B31-839F-7F5AB3BB3423}) (Version: 5.9.3.6321 - UPEK Inc.)
Psy High (HKLM-x32\...\Steam App 339510) (Version:  - Choice of Games)
Puzzle Quest (HKLM-x32\...\Steam App 12500) (Version:  - D3)
Qualcomm Gobi 2000 Package for Sony (HKLM-x32\...\{1F4E59C0-EE31-47EE-BCC3-1A73C3F023BF}) (Version: 1.1.160 - QUALCOMM)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6028 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
simfy (HKLM-x32\...\Simfy) (Version: 1.7.6 - simfy AG)
simfy (x32 Version: 1.7.6 - simfy AG) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sokobond (HKLM-x32\...\Steam App 290260) (Version:  - Alan Hazelden)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TBBackup 2 (Freiversion) (HKLM-x32\...\DED9B6BE-2B04-4799-A88F-8BBF4D114AAF_is1) (Version: 2 - Priotecs IT GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Bridge (HKLM-x32\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
Thieves' Gambit: Curse of the Black Cat (HKLM-x32\...\Steam App 328550) (Version:  - Choice of Games)
Thirty Flights of Loving (HKLM-x32\...\Steam App 214700) (Version:  - Blendo Games)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TOP (HKLM\...\TOP) (Version: 2.1.1.0 - mediMACH GmbH & Co. KG)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.0.06080 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version:  - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.0.300.23587 - Vodafone)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Wondershare Dr.Fone for Android(Build 4.8.1.136) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 4.8.1.136 - Wondershare Software Co.,Ltd.)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== CusXXX CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Citrix\GoXXXeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CusXXXCLSID: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-02-2015 12:15:20 Removed Microsoft Office Professional Plus 2010

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-16 16:28 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07003042-FCBF-4E03-9084-D7217B6EC518} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {0F0A4936-B027-44CB-B669-5B9F92B3F192} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {187BF442-5A85-44DE-9CC7-0241C7AC7642} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {1A5ED98B-E26E-4F78-8E49-5AAF4F656B37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {1FA704D2-62BF-43D6-840A-2D4F9786E076} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {2CE11264-F006-4465-8975-FA2EA0245B3D} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {2D0606BE-BE7B-4C6F-942C-07B45CBB4D01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {367F27E4-A729-4EB5-80C6-6B08FE47DB1F} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {402882DC-CDFE-49E2-A954-3F809F37851D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {413513C7-60B9-4045-8171-6A8D9EBDD495} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {568B3CF3-0B50-4A11-9478-284D3A055670} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {576BD409-939A-4F67-B3ED-0E82591D6BF3} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {61B8DD12-39BF-4BBF-B084-8F92D5F3A324} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {69CE1657-328E-4DA1-8663-A6BF1CCD6B53} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {8064F21C-7DCF-4763-9DBF-7722C2057EC9} - System32\Tasks\Microsoft\Office\Office AuXXXatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {80EF32D9-20FD-4C21-9265-C33EBCE1A4FD} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {81A39738-5497-488C-8C74-6567DD8AAD4B} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {85FB3BD6-50D8-4849-9EBA-D1986B341972} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {888841F4-9762-4C71-B89D-B7EDB973865A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {89E6205E-831F-4B74-BF7B-3026B6E6B365} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {941F4092-FB9C-45CD-A9C2-B169B06301AE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {9F25FF11-44D1-4805-9E91-03529AA0C68C} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {B770129E-F306-434C-B31D-A16B84710116} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {BDDACF5E-FAE8-4757-B563-36FD9129FE8B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C8E76728-2150-4BA0-B8A4-312038C6D67C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {C9569DB7-51E7-4271-825E-5D767A82801B} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {CDEE1781-E40E-48A6-AF87-12F74E527282} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D82BD1C7-8232-4603-BFFC-6C038A5B5C53} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {DBB38736-AA50-4AD2-9F1F-C2365E1C0309} - System32\Tasks\Microsoft Office 15 Sync Maintenance for XXXYYY-VAIO-XXX YYY XXXYYY-VAIO => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {E0069895-C592-4682-9B56-15AF40694CCF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E21FD473-244F-4C5F-A416-6E806AADD30D} - System32\Tasks\{AA8032E1-7990-40E7-9D86-A05BAD4EA3DB} => pcalua.exe -a "C:\Program Files (x86)\QT Lite\QTSystem\quicktime.cpl"
Task: {EA1DFED2-7347-45D2-9332-8F46642B0487} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {EAB4BD7C-A20A-4956-B70F-B8FB3C9F2A3C} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {F8544C8C-401A-4588-9992-5F23AC4E6FD4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-05-02 11:19 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-09-17 18:11 - 2011-06-17 12:04 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2007-02-12 20:51 - 2007-02-12 20:51 - 01111552 _____ () C:\Program Files (x86)\FastStone Capture\FSCapture.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-13 02:49 - 2014-06-20 07:42 - 00401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-10-02 09:38 - 2011-06-17 12:04 - 01434464 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
2013-09-17 18:11 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-09-17 18:11 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-09-17 18:11 - 2010-05-05 09:47 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-09-17 18:11 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-03-19 16:48 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-03-19 16:48 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 19:33 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 22:02 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 09:13 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-03-29 10:53 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-25 11:37 - 2014-09-25 11:37 - 00081056 _____ () C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-09-25 11:37 - 2014-09-25 11:37 - 00081056 _____ () C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-20 12:49 - 2015-02-20 12:49 - 00043008 _____ () c:\Users\XXX YYY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps2ulp7.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-03-19 16:51 - 2013-03-19 16:51 - 00054784 _____ () C:\Program Files (x86)\Sony\Marketing Tools\Win32Interop.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-13 02:49 - 2014-03-04 12:20 - 00117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-13 02:49 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2014-10-13 02:49 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-13 02:49 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-13 02:49 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-13 02:49 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-13 02:49 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2013-03-26 15:16 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-26 15:48 - 2014-11-18 14:08 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-12-08 18:04 - 2014-12-08 18:04 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-07-19 21:49 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-17 18:47 - 2015-01-17 18:47 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-17 18:11 - 2010-02-10 15:43 - 09515520 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtGui4.dll
2013-10-02 09:38 - 2012-10-08 02:41 - 00082944 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qgif4.dll
2013-10-02 09:38 - 2012-10-08 02:41 - 00081920 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qico4.dll
2014-09-26 15:47 - 2014-11-18 14:07 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-01-29 14:05 - 2015-01-29 14:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7C784982

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no auXXXatic fix for this section.)

HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no auXXXatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3557091032-3563988234-1886976076-500 - Administrator - Disabled)
Gast (S-1-5-21-3557091032-3563988234-1886976076-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3557091032-3563988234-1886976076-1002 - Limited - Enabled)
XXX YYY (S-1-5-21-3557091032-3563988234-1886976076-1000 - Administrator - Enabled) => C:\Users\XXX YYY

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2015 02:06:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x2204
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (02/20/2015 00:48:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe923ea321
ID des fehlerhaften Prozesses: 0x18f4
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (02/20/2015 00:48:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/20/2015 11:58:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2015 11:58:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2015 08:28:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2015 08:28:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2015 08:24:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe92b4b1f1
ID des fehlerhaften Prozesses: 0x1f40
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3

Error: (02/20/2015 08:24:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/20/2015 08:18:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (02/20/2015 00:49:34 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (02/20/2015 00:49:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/20/2015 00:49:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/20/2015 00:49:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/20/2015 00:49:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/20/2015 00:47:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (02/20/2015 08:25:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/20/2015 08:25:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/20/2015 08:25:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/20/2015 08:25:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.


Microsoft Office Sessions:
=========================
Error: (02/20/2015 02:06:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425220401d04d035b2d446eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll4c56c079-b901-11e4-92b3-0024bed7ff33

Error: (02/20/2015 00:48:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c0000005000007fe923ea32118f401d04cdf269a5435C:\Program Files\Sony\VAIO Care\VCAgent.exeunknown5e915548-b8f6-11e4-aaa2-0024bed7ff33

Error: (02/20/2015 00:48:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/20/2015 11:58:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/20/2015 11:58:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/20/2015 08:28:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/20/2015 08:28:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\XXX YYY\AppData\Local\join.me\join.me.exe

Error: (02/20/2015 08:24:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c0000005000007fe92b4b1f11f4001d04c319f036b2eC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown8d497b03-b8d1-11e4-aadb-0024bed7ff33

Error: (02/20/2015 08:24:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run()
  bei VCAgent.App.Main()

Error: (02/20/2015 08:18:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142577c01d04cdc9d74c15bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllba6ecc8e-b8d0-11e4-aadb-0024bed7ff33


CodeIntegrity Errors:
===================================
  Date: 2015-02-09 21:07:05.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-09 21:07:05.655
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 66%
Total physical RAM: 3765.82 MB
Available physical RAM: 1265.65 MB
Total Pagefile: 7529.83 MB
Available Pagefile: 3786.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.17 GB) (Free:16.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 720CB564)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by XXX YYY (administrator) on XXXYYY-VAIO on 20-02-2015 14:07:54
Running from C:\Users\XXX YYY\Desktop
Loaded Profiles: XXX YYY (Available profiles: XXX YYY)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvservice.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(UPEK Inc.) C:\Program Files\Protector Suite\psqltray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
() C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Farbar) C:\Users\XXX YYY\Desktop\FRST64(1).exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9962016 2010-06-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2010-03-01] (Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite\launcher.exe [84744 2010-04-27] (UPEK Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [253440 2010-05-18] (Vodafone)
HKLM-x32\...\Run: [MarketingTools] => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2013-03-19] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [SkyDrive] => C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\...\Run: [GoogleChromeAutoLaunch_550EDA027B4B11347618D98EDCBB3ADF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3557091032-3563988234-1886976076-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {3617BCD7-E991-4BB5-8542-09A0B20EE913} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {794C16B2-C354-42CB-8212-172F5BD771B6} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3557091032-3563988234-1886976076-1000 -> {A70EC677-F517-45E6-831A-E87104D7AC0B} URL = hxxp://de.shopping.com/?linkin_id=8056363
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{876E33B5-EE1E-4322-8F79-79EB6087A1E2}: [NameServer] 
Tcpip\..\Interfaces\{AA2DF348-6AB3-482F-A8BC-41E89158A468}: [NameServer] 10.74.210.210 10.74.210.211

FireFox:
========
FF ProfilePath: C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*'))%20%7B%20return%20'PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\XXX YYY\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3557091032-3563988234-1886976076-1000: @citrixonline.com/appdetectorplugin -> C:\Users\XXX YYY\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-3557091032-3563988234-1886976076-1000: LWAPlugin15.8 -> C:\Users\XXX YYY\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\XXX YYY\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\searchplugins\translate-korean-to-english.xml
FF Extension: ProxMate - C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-09]
FF Extension: TinEye Reverse Image Search - C:\Users\XXX YYY\AppData\Roaming\Mozilla\Firefox\Profiles\gwlew6n9.default\Extensions\tineye@ideeinc.com.xpi [2013-03-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5ABA002710DD58F0&affID=119357&tsp=4958"
CHR Profile: C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-10-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (Avira Browser Safety) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-11]
CHR Extension: (Helium Backup) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Profile: C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (BetterTTV) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (YouTube) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Avira Browser Safety) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation)
R2 QDLService2kSony; c:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [332024 2010-06-03] (QUALCOMM, Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2010-05-18] (Vodafone) [File not signed]
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0067591363772028mcinstcleanup; C:\Windows\TEMP\006759~1.EXE -cleanup -nolog [X]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 qcfiltersny2k; C:\Windows\System32\DRIVERS\qcfiltersny2k.sys [6400 2010-06-03] (QUALCOMM Incorporated)
S3 qcombussny; C:\Windows\System32\DRIVERS\qcombussny.sys [137800 2010-06-03] (MCCI)
S3 qcusbnetsny2k; C:\Windows\System32\DRIVERS\qcusbnetsny2k.sys [442368 2010-06-03] (QUALCOMM Incorporated)
S3 qcusbsersny2k; C:\Windows\System32\DRIVERS\qcusbserSny2k.sys [230784 2010-06-03] (QUALCOMM Incorporated)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [35496 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-12-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 08:22 - 2015-02-20 08:21 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-20 08:20 - 2015-02-20 08:20 - 00639912 _____ (Oracle Corporation) C:\Users\XXX YYY\Downloads\jxpiinstall(1).exe
2015-02-19 16:15 - 2015-02-19 16:18 - 00056773 _____ () C:\Users\XXX YYY\Desktop\Addition.txt
2015-02-19 16:12 - 2015-02-19 16:12 - 02086912 _____ (Farbar) C:\Users\XXX YYY\Desktop\FRST64(1).exe
2015-02-19 11:50 - 2015-02-19 13:18 - 00053044 _____ () C:\vew.txt
2015-02-19 11:49 - 2015-02-19 11:49 - 00000000 _____ () C:\test.txt
2015-02-19 11:41 - 2015-02-19 11:41 - 00000000 _____ () C:\Users\XXX YYY\Documents\vew.txt
2015-02-19 10:48 - 2015-02-19 10:48 - 00061440 _____ ( ) C:\Users\XXX YYY\Desktop\VEW.exe
2015-02-19 10:14 - 2015-02-19 10:14 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Steam
2015-02-18 09:31 - 2015-02-18 09:32 - 85509932 _____ () C:\Users\XXX YYY\Desktop\User Data.rar
2015-02-16 16:05 - 2015-02-16 16:05 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-XXXYYY-VAIO-Windows-7-Professional-(64-bit).dat
2015-02-16 16:05 - 2015-02-16 16:05 - 00000000 ____D () C:\RegBackup
2015-02-16 15:33 - 2015-02-16 16:08 - 00002107 _____ () C:\Users\XXX YYY\Documents\settings.ini
2015-02-16 15:33 - 2015-02-07 10:03 - 02172160 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\Repair_Windows.exe
2015-02-16 15:33 - 2015-01-26 19:07 - 00014396 _____ () C:\Users\XXX YYY\Documents\file_list.txt
2015-02-16 15:33 - 2014-12-23 14:04 - 00000000 ____D () C:\Users\XXX YYY\Documents\color_presets
2015-02-16 15:33 - 2014-11-11 05:07 - 00000000 ____D () C:\Users\XXX YYY\Documents\repairs_info
2015-02-16 15:33 - 2014-10-20 23:13 - 00000000 ____D () C:\Users\XXX YYY\Documents\files
2015-02-16 15:33 - 2014-10-02 01:32 - 00005447 _____ () C:\Users\XXX YYY\Documents\Repair_Windows.exe.manifest
2015-02-16 15:33 - 2014-08-25 21:02 - 00852960 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\TweakingImgCtl.ocx
2015-02-16 15:33 - 2014-04-03 22:54 - 00271328 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\tweaking_com_treeview.ocx
2015-02-16 15:33 - 2014-04-03 22:54 - 00234464 _____ (Tweaking.com) C:\Users\XXX YYY\Documents\tweaking_tabs.ocx
2015-02-16 15:33 - 2013-09-04 10:16 - 00118841 _____ (Unicontsoft) C:\Users\XXX YYY\Documents\VszLib.dll
2015-02-16 15:33 - 2011-04-18 19:54 - 00277504 _____ (Igor Pavlov) C:\Users\XXX YYY\Documents\7za.dll
2015-02-16 15:33 - 2009-03-24 20:52 - 00136008 _____ (Microsoft Corporation) C:\Users\XXX YYY\Documents\msinet.ocx
2015-02-16 15:33 - 2003-01-26 22:41 - 00040960 _____ (vbAccelerator) C:\Users\XXX YYY\Documents\SSubTmr6.dll
2015-02-16 15:32 - 2015-02-16 15:32 - 10215062 _____ () C:\Users\XXX YYY\Downloads\tweaking.com_windows_repair_aio.zip
2015-02-12 17:25 - 2015-02-12 17:26 - 00000000 ____D () C:\Users\XXX YYY\Documents\Apowersoft Free Screen Recorder
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Apowersoft
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2015-02-12 17:24 - 2015-02-12 17:24 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2015-02-12 17:24 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2015-02-12 17:24 - 2014-04-09 20:50 - 00443568 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2015-02-12 17:24 - 2014-04-09 20:50 - 00271536 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2015-02-12 17:24 - 2014-04-09 20:50 - 00181424 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2015-02-12 17:23 - 2015-02-12 17:23 - 01203488 _____ () C:\Users\XXX YYY\Downloads\Screen Recorder - CHIP-Installer.exe
2015-02-12 13:41 - 2015-02-12 13:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-12 13:39 - 2015-02-12 13:40 - 02347384 _____ (ESET) C:\Users\XXX YYY\Downloads\esetsmartinstaller_deu(1).exe
2015-02-12 13:37 - 2015-02-12 13:37 - 02347384 _____ (ESET) C:\Users\XXX YYY\Downloads\esetsmartinstaller_deu.exe
2015-02-12 11:35 - 2015-02-12 11:35 - 00139290 _____ () C:\Users\XXX YYY\Desktop\OTL Extras.Txt
2015-02-12 11:17 - 2015-02-12 11:36 - 00146944 _____ () C:\Users\XXX YYY\Desktop\OTL.Txt
2015-02-12 11:17 - 2015-02-12 11:17 - 00139534 _____ () C:\Users\XXX YYY\Desktop\Extras.Txt
2015-02-12 10:56 - 2015-02-12 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\XXX YYY\Desktop\OTL.exe
2015-02-11 15:35 - 2015-02-11 15:35 - 00001008 _____ () C:\Users\XXX YYY\Desktop\checkup.txt
2015-02-11 15:25 - 2015-02-11 16:04 - 00000000 ____D () C:\Users\XXX YYY\Desktop\FRST-OlderVersion
2015-02-11 15:18 - 2015-02-11 15:18 - 00852594 _____ () C:\Users\XXX YYY\Desktop\SecurityCheck.exe
2015-02-10 16:21 - 2015-02-20 14:09 - 00030628 _____ () C:\Users\XXX YYY\Desktop\FRST.txt
2015-02-10 16:04 - 2015-02-10 16:04 - 00039026 _____ () C:\Users\XXX YYY\Desktop\HitmanPro_20150210_1603.log
2015-02-09 23:05 - 2015-02-09 23:05 - 11225840 _____ (SurfRight B.V.) C:\Users\XXX YYY\Downloads\HitmanPro_x64.exe
2015-02-09 21:15 - 2015-02-09 21:15 - 00039064 _____ () C:\ComboFix.txt
2015-02-09 20:56 - 2015-02-09 21:15 - 00000000 ____D () C:\Qoobox
2015-02-09 20:56 - 2015-02-09 21:13 - 00000000 ____D () C:\Windows\erdnt
2015-02-09 20:56 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-09 20:56 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-09 20:56 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-09 20:56 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-09 20:54 - 2015-02-09 20:55 - 05611930 ____R (Swearware) C:\Users\XXX YYY\Desktop\ComboFix.exe
2015-02-09 20:54 - 2015-02-09 20:54 - 05611930 _____ (Swearware) C:\Users\XXX YYY\Downloads\ComboFix.exe.part
2015-02-09 19:21 - 2015-02-09 19:21 - 02132992 _____ (Farbar) C:\Users\XXX YYY\Downloads\FRST64.exe
2015-02-09 18:04 - 2015-02-09 18:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-09 18:03 - 2015-02-09 18:21 - 00000000 ____D () C:\Users\XXX YYY\Desktop\mbar
2015-02-09 18:02 - 2015-02-09 18:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\XXX YYY\Downloads\mbar-1.08.3.1004.exe
2015-02-09 17:59 - 2015-02-09 17:59 - 00000000 ____D () C:\ProgramData\OnlineUpdate
2015-02-09 17:59 - 2015-02-09 17:59 - 00000000 ____D () C:\ProgramData\log
2015-02-09 17:23 - 2015-02-09 17:23 - 01124352 _____ (Farbar) C:\Users\XXX YYY\Downloads\FRST.exe
2015-02-09 15:05 - 2015-02-09 15:05 - 00442624 _____ () C:\Windows\Minidump\020915-9968-01.dmp
2015-02-09 12:53 - 2015-02-09 12:55 - 00042052 _____ () C:\Users\XXX YYY\Desktop\GMER.log
2015-02-09 12:40 - 2015-02-09 12:40 - 00268832 _____ () C:\Windows\Minidump\020915-10140-01.dmp
2015-02-09 12:29 - 2015-02-09 12:57 - 00149082 _____ () C:\Users\XXX YYY\Desktop\Trojanerboad Forumpost 090215.txt
2015-02-09 12:29 - 2015-02-09 12:29 - 00000869 _____ () C:\Users\XXX YYY\Desktop\Anleitung GMER.txt
2015-02-09 12:28 - 2015-02-09 12:28 - 00064922 _____ () C:\Users\XXX YYY\Downloads\Trojanerboad Forumpost 090215.txt
2015-02-09 12:23 - 2015-02-09 12:26 - 00001097 _____ () C:\Users\XXX YYY\Desktop\Malwarebytes Scan after Malwarebytes Removal.txt
2015-02-09 12:21 - 2015-02-09 12:30 - 00003827 _____ () C:\Users\XXX YYY\Desktop\Malwarebytes Scan.txt
2015-02-09 12:18 - 2015-02-09 12:18 - 00380416 _____ () C:\Users\XXX YYY\Downloads\Gmer-19357.exe
2015-02-09 12:01 - 2015-02-10 14:51 - 00024881 _____ () C:\Users\XXX YYY\Downloads\FRST.txt
2015-02-09 12:00 - 2015-02-20 14:08 - 00000000 ____D () C:\FRST
2015-02-09 11:58 - 2015-02-09 12:28 - 00000470 _____ () C:\Users\XXX YYY\Downloads\defogger_disable.log
2015-02-09 11:58 - 2015-02-09 11:58 - 00000000 _____ () C:\Users\XXX YYY\defogger_reenable
2015-02-09 11:57 - 2015-02-09 11:57 - 00050477 _____ () C:\Users\XXX YYY\Downloads\Defogger.exe
2015-02-09 09:49 - 2015-02-09 13:04 - 00003028 _____ () C:\Users\XXX YYY\Desktop\JRT.txt
2015-02-09 09:43 - 2015-02-09 09:43 - 01388274 _____ (Thisisu) C:\Users\XXX YYY\Downloads\JRT.exe
2015-02-09 09:37 - 2015-02-09 09:41 - 00000000 ____D () C:\AdwCleaner
2015-02-09 09:37 - 2015-02-09 09:37 - 02112512 _____ () C:\Users\XXX YYY\Downloads\AdwCleaner_4.110.exe
2015-02-07 08:01 - 2015-02-07 08:01 - 00262144 _____ () C:\Windows\Minidump\020715-11793-01.dmp
2015-02-05 17:20 - 2015-02-05 17:20 - 00000000 ____D () C:\Users\XXX YYY\Documents\Dungeon of the Endless
2015-02-05 16:56 - 2015-02-09 18:04 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-05 16:56 - 2015-02-09 18:03 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-05 16:56 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-05 16:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-05 16:55 - 2015-02-05 16:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\XXX YYY\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 15:20 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-04 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-04 15:20 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-04 15:20 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-04 15:20 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-04 15:20 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-04 15:20 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-04 15:20 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-04 15:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-04 15:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-04 15:20 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-04 15:20 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-04 15:20 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-04 15:20 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-02-04 15:20 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-03 15:00 - 2015-02-03 15:01 - 07811072 _____ () C:\Users\XXX YYY\Downloads\LWAPlugin64BitInstaller32.msi
2015-01-29 14:05 - 2015-01-29 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 16:42 - 2015-01-24 19:43 - 00000000 ____D () C:\ProgramData\Steam
2015-01-23 16:45 - 2015-01-23 16:45 - 00001169 _____ () C:\Users\Public\Desktop\VTech Download Manager.lnk
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\ProgramData\VTech
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech
2015-01-23 16:45 - 2015-01-23 16:45 - 00000000 ____D () C:\Program Files (x86)\VTech
2015-01-23 16:44 - 2015-01-23 16:45 - 20758664 _____ (VTech) C:\Users\XXX YYY\Downloads\Kidizoom1407_DE_ger_Setup.exe
2015-01-21 16:05 - 2015-01-21 16:05 - 00217384 _____ (Cisco WebEx LLC) C:\Users\XXX YYY\Downloads\eggits2_Awebex_Acom,eggits2-de,2077473508,-1093361774,MC,0-0,SDJTSwAAAAJeWSAuzW-CSBddk8nRdEnMuWSMwGr2g0C4q48zrQRhMg2_webex.exe
2015-01-21 15:56 - 2015-01-21 16:05 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\webex
2015-01-21 15:56 - 2015-01-21 15:56 - 00646648 _____ (Cisco WebEx LLC) C:\Users\XXX YYY\Downloads\Cisco_WebEx_Add-On.exe
2015-01-21 15:56 - 2015-01-21 15:56 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\WebEx
2015-01-21 15:56 - 2015-01-21 15:56 - 00000000 ____D () C:\ProgramData\WebEx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 14:08 - 2013-03-20 12:01 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Skype
2015-02-20 13:28 - 2013-03-20 11:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 13:13 - 2013-03-19 16:48 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 13:09 - 2014-05-02 11:30 - 00005170 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for XXXYYY-VAIO-XXX YYY XXXYYY-VAIO
2015-02-20 12:55 - 2013-03-19 17:01 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{74DD3A27-0DC4-4DEC-A150-6D12E280742E}
2015-02-20 12:55 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 12:55 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 12:54 - 2013-03-19 16:42 - 01873827 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 12:53 - 2013-03-19 16:35 - 00689352 _____ () C:\Windows\system32\perfh007.dat
2015-02-20 12:53 - 2013-03-19 16:35 - 00146652 _____ () C:\Windows\system32\perfc007.dat
2015-02-20 12:53 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 12:49 - 2014-05-02 11:27 - 00000000 ___RD () C:\Users\XXX YYY\OneDrive
2015-02-20 12:49 - 2013-04-02 10:55 - 00000000 ___RD () C:\Users\XXX YYY\Dropbox
2015-02-20 12:49 - 2013-04-02 10:51 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Dropbox
2015-02-20 12:49 - 2013-04-02 09:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 12:49 - 2013-03-19 16:59 - 00115232 _____ () C:\Users\XXX YYY\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-20 12:49 - 2013-03-19 16:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 12:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 12:49 - 2009-07-14 05:51 - 00219494 _____ () C:\Windows\setupact.log
2015-02-20 12:49 - 2009-07-14 05:45 - 00443024 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 12:48 - 2010-07-19 21:44 - 00507616 _____ () C:\Windows\PFRO.log
2015-02-20 12:18 - 2013-03-25 12:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-20 12:18 - 2013-03-19 16:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-02-20 12:18 - 2013-03-19 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-20 12:18 - 2009-07-14 08:46 - 00000000 ____D () C:\Windows\ShellNew
2015-02-20 12:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-20 12:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-20 08:32 - 2014-08-15 21:13 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Adobe
2015-02-20 08:23 - 2013-10-29 16:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-20 08:21 - 2013-10-29 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-20 08:21 - 2013-06-25 08:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-19 11:48 - 2013-03-19 16:59 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\VirtualStore
2015-02-16 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 16:34 - 2013-03-19 16:40 - 00000000 ____D () C:\Windows\CSC
2015-02-16 16:34 - 2009-07-14 08:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-16 16:28 - 2009-07-14 03:34 - 00000546 _____ () C:\Windows\win.ini
2015-02-16 15:45 - 2013-04-02 10:51 - 00000000 ____D () C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 16:15 - 2014-11-25 07:59 - 00000000 ____D () C:\Program Files\Recuva
2015-02-12 15:27 - 2013-03-20 12:11 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Microsoft Help
2015-02-12 14:22 - 2013-04-02 10:14 - 00000000 ____D () C:\Users\XXX YYY\Documents\mobalo
2015-02-10 16:22 - 2013-12-06 11:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-10 16:22 - 2013-03-23 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-10 16:22 - 2013-03-23 22:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-09 21:15 - 2013-03-20 12:05 - 00000000 ____D () C:\Users\XXX YYY\AppData\Local\Apps\2.0
2015-02-09 21:15 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-09 21:12 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-09 21:10 - 2009-07-14 03:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_795
2015-02-09 15:05 - 2013-03-23 17:07 - 00000000 ____D () C:\Windows\Minidump
2015-02-09 11:58 - 2013-03-19 16:59 - 00000000 ____D () C:\Users\XXX YYY
2015-02-08 16:08 - 2013-03-19 16:48 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-08 16:08 - 2013-03-19 16:48 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 17:19 - 2013-03-20 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-05 17:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2015-02-05 16:28 - 2013-03-20 11:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 16:28 - 2013-03-20 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 16:28 - 2013-03-20 11:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 15:31 - 2013-08-19 18:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-04 15:20 - 2013-03-20 11:10 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 12:08 - 2010-07-19 21:45 - 00626734 _____ () C:\Windows\DPINST.LOG
2015-02-02 12:07 - 2013-03-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-24 19:43 - 2014-12-12 18:11 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-01-21 18:27 - 2013-04-02 10:22 - 00000000 ____D () C:\Users\XXX YYY\.thinkbuzan
2015-01-21 18:26 - 2013-04-02 10:22 - 00000000 ____D () C:\ProgramData\ThinkBuzan
2015-01-21 18:26 - 2013-04-02 10:22 - 00000000 ____D () C:\ProgramData\JSoft

==================== Files in the root of some directories =======

2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\XXX YYY\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\XXX YYY\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\XXX YYY\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\XXX YYY\AppData\Local\No23 Recorder.exe
2013-09-13 13:59 - 2013-11-05 17:27 - 0001509 _____ () C:\Users\XXX YYY\AppData\Local\RecConfig.xml
2014-04-05 12:13 - 2014-04-05 12:13 - 0000017 _____ () C:\Users\XXX YYY\AppData\Local\resmon.resmoncfg
2013-03-20 12:05 - 2013-03-19 02:13 - 0000000 _____ () C:\Users\XXX YYY\AppData\Local\{8163A258-9D27-40E7-8400-AAC988DB596D}
2013-03-20 12:05 - 2013-03-19 02:13 - 0000000 _____ () C:\Users\XXX YYY\AppData\Local\{E0B5EB61-5E6A-4483-A017-B5D5359A35B3}
2014-01-07 17:28 - 2014-01-07 17:28 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-17 14:20 - 2010-05-17 14:20 - 0157382 ____R () C:\ProgramData\DeviceManager.xml.rc4

ZeroAccess:
C:\Users\XXX YYY\AppData\Local\{4fa287a5-a9e8-a902-8c66-f7e1d24caa8e}

Some content of TEMP:
====================
C:\Users\XXX YYY\AppData\Local\Temp\avgnt.exe
C:\Users\XXX YYY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps2ulp7.dll


==================== Bamital & volsnap Check =================

(There is no auXXXatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-16 17:42

==================== End Of Log ============================
--- --- ---

Warlord711 20.02.2015 14:25
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {187BF442-5A85-44DE-9CC7-0241C7AC7642} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Kannst du schauen ob du VAIO Care über die Systemsteuerung reparieren kannst ? Da häufen sich die Fehlermeldungen im Log, könnte sein das dort Dateien korrupt sind.

LarryPerkins 20.02.2015 23:47
Ich hab in der Systemsteuerung nur die Option der Deinstallation, nicht des Reparierens, oder ich find's nicht.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Tom Rauhe at 2015-02-20 23:40:44 Run:4
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX (Available profiles: XXX)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {187BF442-5A85-44DE-9CC7-0241C7AC7642} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{187BF442-5A85-44DE-9CC7-0241C7AC7642}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{187BF442-5A85-44DE-9CC7-0241C7AC7642}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.

==== End of Fixlog 23:40:44 ====

Warlord711 21.02.2015 16:53
Ja, dann über Deinstallieren und neu installieren.

LarryPerkins 23.02.2015 17:06
Ich muss das noch testen, ich denke nicht dass es nochmal aufgetreten ist, aber das ist ja immer so knapp und kurz gewesen.
VAIO Dings trau ich mich nicht zu deinstallieren noch, weil das absolut null Support hat weil VAIO verkauft (und damit verdammit) wurde und nicht mehr weiter betreut wird.
Von Vaio Care exisitieren da draussen eine Million Versionen und Gedöns von denen keiner weiss was da gerade aktuell ist oder funktioniert oder sonstwas....

Ich meld mich wieder wenn ich doch noch was finde oder auch wenn ich nichts mehr finde... danke jedenfalls derweil schonmal :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:09 Uhr.
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131