Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   getwindowinfo öffnet meinen internetexplorer (https://www.trojaner-board.de/140260-getwindowinfo-oeffnet-meinen-internetexplorer.html)

Frau Mira 22.08.2013 16:44
getwindowinfo öffnet meinen internetexplorer
 
Hallo! getwindowinfo öffnet ständig meinen internetexplorer:pfui:. habe erst AdwCleaner laufen lassen dann Junkware Removal Tool und zum schluss Malwarebytes Anti-Malware. :headbang: Aber leider öffnet sich der explorer weiter.... wenn ich den Malwarebytes Anti-Malware nochmals laufen lasse, dann findet er nichts mehr. LG Mira :schrei:

schrauber 22.08.2013 17:11
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Frau Mira 23.08.2013 12:12
Hallo Schrauber,
erst einmal vielen Dank für deine Hilfe! im Anhang die gewünschten Dateien.

LG
Mira

schrauber 23.08.2013 13:45
hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307


Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Frau Mira 23.08.2013 19:47
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013 01
Ran by laura seroka (administrator) on 23-08-2013 19:51:58
Running from C:\Users\laura seroka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
() C:\Windows\system32\dmwu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Akamai Technologies, Inc.) C:\Users\laura seroka\AppData\Local\Akamai\netsession_win.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Akamai Technologies, Inc.) C:\Users\laura seroka\AppData\Local\Akamai\netsession_win.exe
(Smartbar) C:\Users\laura seroka\AppData\Local\Smartbar\Application\QuickShare.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Facebook) C:\Users\laura seroka\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
(Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe
() C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [Elbserver] - C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\laura seroka\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\laura seroka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-26] (Facebook Inc.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [SDP] - C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [201808 2013-01-07] (Somoto)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\laura seroka\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-05-12] (Smartbar)
MountPoints2: E - E:\AutoRun.exe
MountPoints2: {14168b87-f905-11e1-9f4a-001e101f2b52} - G:\Startme.exe
MountPoints2: {6fd4aee7-95c9-11e1-8bdc-9439e5a3617a} - E:\AutoRun.exe
MountPoints2: {6fd4af0b-95c9-11e1-8bdc-9439e5a3617a} - E:\AutoRun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [2521552 2013-06-03] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\laura seroka\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\laura seroka\AppData\Roaming\BrowserCompanion\tcbhn.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=ds&q={searchTerms}&installDate=19/02/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=hp&installDate=19/02/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=120518&babsrc=HP_ss_bag2g&mntrId=6A00B639E5A36179
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=ds&q={searchTerms}&installDate=19/02/2013
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=ds&q={searchTerms}&installDate=19/02/2013
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=ds&q={searchTerms}&installDate=19/02/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.dalesearch.com/?q={searchTerms}&affID=122974&babsrc=SP_ss&mntrId=6A00B639E5A36179
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Video downloader - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension64.dll ()
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Feven - {11111111-1111-1111-1111-110311151154} - C:\Program Files (x86)\Feven\Feven-bho.dll (Feven)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: Video downloader - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension32.dll ()
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: ipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default
FF user.js: detected! => C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\user.js
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\laura seroka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\laura seroka\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\searchplugins\dalesearch.xml
FF Extension: SpecialSavings - C:\Users\laura seroka\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\6be3335b-ef79-4b0b-a0ba-b87afbc6f4ad@6bbb4d2e-e33e-4fa5-9b37-934f4fb50182.com
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\ffxtlbr@incredibar.com
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\staged
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\toolbar_AVIRA-V7@apn.ask.com
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: toolbar_AVIRA-V7 - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\laura seroka\AppData\Roaming\Mozilla\Firefox\Profiles\5bf4lnop.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] C:\Program Files\Video downloader\Firefox
FF Extension: No Name - C:\Program Files\Video downloader\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] C:\Program Files\Video downloader\Firefox
FF Extension: No Name - C:\Program Files\Video downloader\Firefox
FF HKCU\...\Firefox\Extensions: [SpecialSavings@SpecialSavings.com] C:\Users\laura seroka\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
FF Extension: SpecialSavings - C:\Users\laura seroka\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com

Chrome:
=======
CHR Extension: (Skype Click to Call) - C:\Users\LAURAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_2
CHR Extension: (Google Wallet Service) - C:\Users\LAURAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\laura seroka\AppData\Roaming\SpecialSavings\SpecialSavings.crx
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] ()
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1455408 2013-04-07] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-01-02] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-06-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [301120 2013-08-16] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 X6va006; \??\C:\Users\LAURAS~1\AppData\Local\Temp\00635CF.tmp [x]
S3 X6va008; \??\C:\Users\LAURAS~1\AppData\Local\Temp\0082404.tmp [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-23 19:47 - 2013-08-23 19:47 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-23 13:00 - 2013-08-23 13:01 - 00023443 _____ C:\Users\laura seroka\Downloads\Addition.txt
2013-08-23 12:59 - 2013-08-23 12:59 - 00000000 ____D C:\FRST
2013-08-22 16:58 - 2013-08-22 16:58 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Avira
2013-08-22 16:52 - 2013-08-22 16:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-22 13:29 - 2013-08-23 15:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 13:29 - 2013-08-22 13:29 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Malwarebytes
2013-08-22 13:29 - 2013-08-22 13:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 13:22 - 2013-08-22 13:22 - 00010124 _____ C:\Users\laura seroka\Desktop\JRT.txt
2013-08-22 12:54 - 2013-08-23 15:03 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Windows Net Data
2013-08-22 12:54 - 2013-08-23 15:03 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-08-22 12:54 - 2013-08-22 16:41 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-08-22 12:54 - 2013-08-22 12:54 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-08-22 12:47 - 2013-08-22 13:00 - 00000000 ____D C:\AdwCleaner
2013-08-21 14:00 - 2013-08-22 16:52 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 13:58 - 2013-08-14 14:01 - 00000000 ____D C:\Windows\system32\MRT
2013-08-10 15:40 - 2013-08-10 15:40 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\337 Wallpaper

==================== One Month Modified Files and Folders =======

2013-08-23 19:50 - 2013-08-23 19:50 - 01576584 _____ (Farbar) C:\Users\laura seroka\Downloads\FRST64.exe
2013-08-23 19:47 - 2013-08-23 19:47 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-23 19:46 - 2011-12-31 16:03 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-23 19:45 - 2012-04-09 14:14 - 02078413 _____ C:\Windows\WindowsUpdate.log
2013-08-23 19:42 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-23 19:42 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-23 19:39 - 2011-12-31 16:03 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-23 19:38 - 2011-12-25 12:56 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E2A86F86-7566-4EEC-9844-283F47B69DD9}
2013-08-23 19:36 - 2013-06-22 20:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-23 19:36 - 2013-06-15 01:26 - 00000000 ____D C:\ProgramData\eSafe
2013-08-23 19:35 - 2013-04-15 17:49 - 00000384 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-08-23 19:35 - 2013-01-19 22:56 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\BrowserCompanion
2013-08-23 19:34 - 2013-06-15 01:27 - 00001796 _____ C:\Windows\Tasks\Feven-firefoxinstaller.job
2013-08-23 19:34 - 2013-06-15 01:27 - 00001176 _____ C:\Windows\Tasks\Feven-codedownloader.job
2013-08-23 19:34 - 2013-06-15 01:27 - 00001172 _____ C:\Windows\Tasks\Feven-updater.job
2013-08-23 19:34 - 2013-06-15 01:27 - 00001076 _____ C:\Windows\Tasks\Feven-enabler.job
2013-08-23 19:34 - 2013-06-15 01:26 - 00001872 _____ C:\Windows\Tasks\Feven-chromeinstaller.job
2013-08-23 19:33 - 2013-07-21 13:27 - 00000896 _____ C:\Windows\setupact.log
2013-08-23 19:33 - 2012-03-31 16:05 - 00000956 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705815136-2077661639-3313648235-1001UA.job
2013-08-23 19:33 - 2012-03-31 16:05 - 00000934 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705815136-2077661639-3313648235-1001Core.job
2013-08-23 19:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-23 19:31 - 2012-06-18 19:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-23 19:31 - 2011-12-31 16:03 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-23 15:07 - 2013-04-15 17:49 - 00000000 ____D C:\Users\LAURAS~1\AppData\Local\SwvUpdater
2013-08-23 15:07 - 2011-12-25 12:53 - 00000000 ____D C:\Users\laura seroka
2013-08-23 15:06 - 2013-06-15 01:26 - 00000000 ____D C:\Program Files (x86)\Feven
2013-08-23 15:04 - 2013-08-22 13:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-23 15:04 - 2013-06-15 01:27 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-08-23 15:04 - 2013-06-15 01:26 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Desk 365
2013-08-23 15:04 - 2013-06-15 01:26 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-08-23 15:04 - 2013-04-15 17:50 - 00000000 ____D C:\Program Files\Video downloader
2013-08-23 15:04 - 2013-04-15 17:49 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-08-23 15:04 - 2013-04-12 13:20 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\File Scout
2013-08-23 15:04 - 2013-04-09 12:27 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-08-23 15:04 - 2013-04-09 12:27 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2013-08-23 15:04 - 2013-02-19 22:57 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-08-23 15:04 - 2013-02-19 22:57 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-08-23 15:04 - 2013-02-19 22:57 - 00000000 ____D C:\Program Files (x86)\File Scout
2013-08-23 15:04 - 2013-02-19 21:32 - 00000000 ____D C:\Users\LAURAS~1\AppData\Local\Smartbar
2013-08-23 15:04 - 2013-01-19 22:57 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-08-23 15:04 - 2013-01-19 22:57 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\DealPly
2013-08-23 15:04 - 2013-01-19 22:57 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-08-23 15:04 - 2013-01-19 22:56 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-08-23 15:04 - 2013-01-19 22:56 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-23 15:04 - 2013-01-19 22:56 - 00000000 ____D C:\Program Files (x86)\BrowserCompanion
2013-08-23 15:04 - 2013-01-19 22:49 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-08-23 15:04 - 2013-01-19 22:49 - 00000000 ____D C:\Program Files (x86)\FilesFrog Update Checker
2013-08-23 15:04 - 2013-01-19 22:49 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-23 15:04 - 2012-08-29 18:52 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2013-08-23 15:04 - 2012-08-16 18:14 - 00000000 ____D C:\Program Files (x86)\alaplaya
2013-08-23 15:04 - 2012-06-15 19:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-23 15:04 - 2012-06-15 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-23 15:04 - 2012-06-11 19:29 - 00000000 ____D C:\Program Files\Web Assistant
2013-08-23 15:04 - 2012-03-07 11:39 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab FLV Player
2013-08-23 15:04 - 2012-03-07 11:39 - 00000000 ____D C:\Program Files (x86)\FoxTabFLVPlayer
2013-08-23 15:04 - 2012-02-26 18:27 - 00000000 ____D C:\Program Files (x86)\SopCast
2013-08-23 15:04 - 2012-02-21 18:00 - 00000000 ____D C:\Users\LAURAS~1\AppData\Local\Akamai
2013-08-23 15:04 - 2012-02-10 16:49 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-23 15:04 - 2012-01-02 17:41 - 00000000 ____D C:\Windows\system32\Macromed
2013-08-23 15:04 - 2011-12-31 16:03 - 00000000 ____D C:\Users\LAURAS~1\AppData\Local\Google
2013-08-23 15:04 - 2011-12-25 20:23 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-08-23 15:04 - 2011-12-25 12:55 - 00000000 ___RD C:\Users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-23 15:04 - 2011-08-08 07:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-08-23 15:04 - 2011-08-08 07:07 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-08-23 15:04 - 2011-08-08 07:07 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-08-23 15:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-23 15:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-23 15:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-23 15:04 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-23 15:03 - 2013-08-22 12:54 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-08-23 15:03 - 2013-08-22 12:54 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Windows Net Data
2013-08-23 15:03 - 2013-08-22 12:54 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-08-23 15:03 - 2011-07-13 04:58 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-23 15:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-23 15:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-23 14:57 - 2011-12-25 12:53 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Macromedia
2013-08-23 14:55 - 2011-08-08 07:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 13:01 - 2013-08-23 13:00 - 00023443 _____ C:\Users\laura seroka\Downloads\Addition.txt
2013-08-23 12:59 - 2013-08-23 12:59 - 00000000 ____D C:\FRST
2013-08-22 16:58 - 2013-08-22 16:58 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Avira
2013-08-22 16:52 - 2013-08-22 16:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-22 16:52 - 2013-08-21 14:00 - 00000000 ____D C:\ProgramData\Avira
2013-08-22 16:41 - 2013-08-22 12:54 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-08-22 13:29 - 2013-08-22 13:29 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\Malwarebytes
2013-08-22 13:29 - 2013-08-22 13:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 13:22 - 2013-08-22 13:22 - 00010124 _____ C:\Users\laura seroka\Desktop\JRT.txt
2013-08-22 13:00 - 2013-08-22 12:47 - 00000000 ____D C:\AdwCleaner
2013-08-21 16:38 - 2012-02-10 16:50 - 00000000 ____D C:\Users\LAURAS~1\AppData\Local\Adobe
2013-08-20 16:12 - 2011-02-11 00:48 - 00000000 ____D C:\Windows\Panther
2013-08-14 14:01 - 2013-08-14 13:58 - 00000000 ____D C:\Windows\system32\MRT
2013-08-12 16:09 - 2009-07-14 04:34 - 73400320 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-08-12 16:09 - 2009-07-14 04:34 - 17825792 _____ C:\Windows\system32\config\SYSTEM.bak
2013-08-12 16:09 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-08-12 16:06 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-08-12 16:05 - 2013-06-26 15:53 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-08-10 15:40 - 2013-08-10 15:40 - 00000000 ____D C:\Users\laura seroka\AppData\Roaming\337 Wallpaper
2013-07-27 16:10 - 2011-08-08 16:32 - 00697322 _____ C:\Windows\system32\perfh007.dat
2013-07-27 16:10 - 2011-08-08 16:32 - 00148328 _____ C:\Windows\system32\perfc007.dat
2013-07-27 16:10 - 2009-07-14 07:13 - 01614036 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 19:30 - 2012-02-03 14:22 - 01004108 _____ C:\test.xml

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-21 18:47

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
ComboFix 13-08-22.01 - laura seroka 23.08.2013  20:03:21.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4044.2074 [GMT 2:00]
ausgeführt von:: c:\users\laura seroka\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\SoftwareUpdater\KeyGen.dll
c:\users\laura seroka\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\laura seroka\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SrvUpdater
-------\Service_WsysSvc
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-23 bis 2013-08-23  ))))))))))))))))))))))))))))))
.
.
2013-08-23 18:18 . 2013-08-23 18:18        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-23 10:59 . 2013-08-23 10:59        --------        d-----w-        C:\FRST
2013-08-22 14:58 . 2013-08-22 14:58        --------        d-----w-        c:\users\laura seroka\AppData\Roaming\Avira
2013-08-22 14:52 . 2013-08-22 14:52        --------        d-----w-        c:\program files (x86)\Avira
2013-08-22 11:29 . 2013-08-22 11:29        --------        d-----w-        c:\users\laura seroka\AppData\Roaming\Malwarebytes
2013-08-22 11:29 . 2013-08-22 11:29        --------        d-----w-        c:\programdata\Malwarebytes
2013-08-22 11:29 . 2013-08-23 13:04        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 10:54 . 2013-08-23 13:03        --------        d-----w-        c:\program files (x86)\Plus-HD-3.8
2013-08-22 10:54 . 2013-08-23 13:03        --------        d-----w-        c:\users\laura seroka\AppData\Roaming\Windows Net Data
2013-08-22 10:47 . 2013-08-22 11:00        --------        d-----w-        C:\AdwCleaner
2013-08-21 12:00 . 2013-08-22 14:52        --------        d-----w-        c:\programdata\Avira
2013-08-14 11:58 . 2013-08-14 12:01        --------        d-----w-        c:\windows\system32\MRT
2013-08-10 13:40 . 2013-08-10 13:40        --------        d-----w-        c:\users\laura seroka\AppData\Roaming\337 Wallpaper
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-10 09:39 . 2011-12-25 11:35        78185248        ----a-w-        c:\windows\system32\MRT.exe
2013-06-14 15:20 . 2012-06-18 17:52        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 15:20 . 2012-01-02 15:41        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 23:43 . 2013-07-10 09:37        1767936        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-06-11 23:43 . 2013-07-10 09:37        2877440        ----a-w-        c:\windows\SysWow64\jscript9.dll
2013-06-11 23:42 . 2013-07-10 09:37        61440        ----a-w-        c:\windows\SysWow64\iesetup.dll
2013-06-11 23:42 . 2013-07-10 09:37        109056        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26 . 2013-07-10 09:37        51712        ----a-w-        c:\windows\system32\ie4uinit.exe
2013-06-11 23:26 . 2013-07-10 09:37        2241024        ----a-w-        c:\windows\system32\wininet.dll
2013-06-11 23:26 . 2013-07-10 09:37        1365504        ----a-w-        c:\windows\system32\urlmon.dll
2013-06-11 23:25 . 2013-07-10 09:37        19238912        ----a-w-        c:\windows\system32\mshtml.dll
2013-06-11 23:25 . 2013-07-10 09:37        603136        ----a-w-        c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-10 09:37        855552        ----a-w-        c:\windows\system32\jscript.dll
2013-06-11 23:25 . 2013-07-10 09:37        3958784        ----a-w-        c:\windows\system32\jscript9.dll
2013-06-11 23:25 . 2013-07-10 09:37        53248        ----a-w-        c:\windows\system32\jsproxy.dll
2013-06-11 23:25 . 2013-07-10 09:37        526336        ----a-w-        c:\windows\system32\ieui.dll
2013-06-11 23:25 . 2013-07-10 09:37        67072        ----a-w-        c:\windows\system32\iesetup.dll
2013-06-11 23:25 . 2013-07-10 09:37        39936        ----a-w-        c:\windows\system32\iernonce.dll
2013-06-11 23:25 . 2013-07-10 09:37        136704        ----a-w-        c:\windows\system32\iesysprep.dll
2013-06-11 23:25 . 2013-07-10 09:37        2648576        ----a-w-        c:\windows\system32\iertutil.dll
2013-06-11 23:25 . 2013-07-10 09:37        15404032        ----a-w-        c:\windows\system32\ieframe.dll
2013-06-11 22:51 . 2013-07-10 09:37        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50 . 2013-07-10 09:37        89600        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22 . 2013-07-10 09:37        2706432        ----a-w-        c:\windows\system32\mshtml.tlb
2013-06-07 02:37 . 2013-07-10 09:37        2706432        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-10 07:37        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 07:37        624128        ----a-w-        c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 07:37        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}]
2013-06-14 23:27        750952        ----a-w-        c:\program files (x86)\Feven\Feven-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-21 03:24        297808        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2013-01-29 13:28        170840        ----a-w-        c:\program files\Web Assistant\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{77BEC163-D389-42c1-91A4-C758846296A5}]
2013-06-23 15:53        166744        ----a-w-        c:\program files\Video downloader\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2013-01-10 22:05        197920        ----a-w-        c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]
"Akamai NetSession Interface"="c:\users\laura seroka\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Facebook Update"="c:\users\laura seroka\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-02-26 138096]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"SDP"="c:\program files (x86)\FilesFrog Update Checker\update_checker.exe" [2013-01-07 201808]
"Browser Infrastructure Helper"="c:\users\laura seroka\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-05-12 20248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\users\laura seroka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\laura seroka\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
tcbhn.lnk - c:\users\laura seroka\AppData\Roaming\BrowserCompanion\tcbhn.exe -interval=10 -IEhome=0 -IEsearch=0 -FFhome=0 -FFsearch=0 -CHhome=0 -CHsearch=0 -pubId= -affId= [2012-6-28 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261339~1.144\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys;c:\windows\SYSNATIVE\Drivers\VBTUSB.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va006;X6va006;c:\users\LAURAS~1\AppData\Local\Temp\00635CF.tmp;c:\users\LAURAS~1\AppData\Local\Temp\00635CF.tmp [x]
R3 X6va008;X6va008;c:\users\LAURAS~1\AppData\Local\Temp\0082404.tmp;c:\users\LAURAS~1\AppData\Local\Temp\0082404.tmp [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 Web Assistant;Web Assistant;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-23 17:46        1177552        ----a-w-        c:\program files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-18 15:20]
.
2013-08-23 c:\windows\Tasks\AmiUpdXp.job
- c:\users\laura seroka\AppData\Local\SwvUpdater\Updater.exe [2013-04-15 11:28]
.
2013-08-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705815136-2077661639-3313648235-1001Core.job
- c:\users\laura seroka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-31 16:32]
.
2013-08-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705815136-2077661639-3313648235-1001UA.job
- c:\users\laura seroka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-31 16:32]
.
2013-08-23 c:\windows\Tasks\Feven-chromeinstaller.job
- c:\program files (x86)\Feven\Feven-chromeinstaller.exe [2013-06-14 23:26]
.
2013-08-23 c:\windows\Tasks\Feven-codedownloader.job
- c:\program files (x86)\Feven\Feven-codedownloader.exe [2013-06-14 23:27]
.
2013-08-23 c:\windows\Tasks\Feven-enabler.job
- c:\program files (x86)\Feven\Feven-enabler.exe [2013-06-14 23:27]
.
2013-08-23 c:\windows\Tasks\Feven-firefoxinstaller.job
- c:\program files (x86)\Feven\Feven-firefoxinstaller.exe [2013-06-14 23:27]
.
2013-08-23 c:\windows\Tasks\Feven-updater.job
- c:\program files (x86)\Feven\Feven-updater.exe [2013-06-14 23:27]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 14:03]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 14:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=hp&installDate=19/02/2013
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=f0282353-b34a-4df7-afd4-ec6e64236f4f&searchtype=ds&q={searchTerms}&installDate=19/02/2013
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll
BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll
Wow6432Node-HKLM-Run-avgnt - c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\LAURAS~1\AppData\Local\Temp\00635CF.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\users\LAURAS~1\AppData\Local\Temp\0082404.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\schtasks.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\jmdp\stij.exe
c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-23  20:37:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-08-23 18:37
.
Vor Suchlauf: 18 Verzeichnis(se), 421.051.846.656 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 420.909.092.864 Bytes frei
.
- - End Of File - - 86BD24F5924D4B01645DD4586BC316CC

schrauber 24.08.2013 09:16
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131