Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   A1 .rtf geöffnet (https://www.trojaner-board.de/152948-a1-rtf-geoeffnet.html)

ppanther1 23.04.2014 18:23
A1 .rtf geöffnet
 
Hallo!

Mir ist gestern etwas blödes passiert und zwar hab ich, komplett gedankenverloren, die .rtf in einer A1 Mail geöffnet. Der Inhalt wurde von Word geblockt und nicht geöffnet. Kann bitte trotzde jemand mit Ahnung die Scan Logs durchsehen?

Vielen Dank!

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Florian (administrator) on VAIO on 23-04-2014 18:48:36
Running from C:\Users\Florian\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
() C:\Users\Florian\AppData\Local\Apps\2.0\585GMAVG.QNA\GA630GOZ.C98\pcmf..tion_c1e7c94c1be0ad92_0002.0001_506a9e03f002d25d\PCM Fast Editor.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\vds.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-11-09] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\MountPoints2: {72b10914-3a94-11e3-bf2b-5453ed3765ed} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\MountPoints2: {a314f7fb-d678-11e2-be9f-a41731e6f94c} - "D:\SETUP.EXE"
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN16871039762619913&UM=2&ctid=CT3305104
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM-x32 - DefaultScope {A79DA6DA-D390-4A5F-BD8C-96ACC244AC11} URL =
SearchScopes: HKCU - DefaultScope {9103806E-03CF-4EF1-B6C9-5E822DF23297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {9103806E-03CF-4EF1-B6C9-5E822DF23297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A79DA6DA-D390-4A5F-BD8C-96ACC244AC11} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3305104&CUI=UN16871039762619913&UM=2
SearchScopes: HKCU - {DC9F28B0-31EF-495F-8FA9-7D2616C272CE} URL = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} -  No File
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default
FF NetworkProxy: "http", "202.43.188.156"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: anonymoX - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default\Extensions\client@anonymox.net.xpi [2013-11-02]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-02]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-04-23]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-19] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-06-16] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-11-09] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-13] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 18:47 - 2014-04-23 18:48 - 00039699 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-04-23 18:44 - 2014-04-23 18:48 - 00023352 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-04-23 18:44 - 2014-04-23 18:48 - 00000000 ____D () C:\FRST
2014-04-23 18:43 - 2014-04-23 18:44 - 02061312 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-04-23 18:31 - 2014-04-23 18:31 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\Program Files\ESET
2014-04-23 18:20 - 2014-04-23 18:20 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-04-23 18:16 - 2014-04-23 18:18 - 81604608 _____ () C:\Users\Florian\Downloads\ess_nt64_deu.msi
2014-04-23 16:43 - 2014-04-23 16:43 - 05207312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 16:04 - 2014-04-23 16:04 - 00000165 ____H () C:\Users\Florian\Desktop\~$Ardennen.xlsx
2014-04-20 15:40 - 2014-04-20 15:45 - 76042684 _____ () C:\Users\Florian\Downloads\Blinders Unreleased Remix Pack.zip
2014-04-20 15:15 - 2014-04-20 17:00 - 00000000 ____D () C:\Users\Florian\Desktop\SIZE Tribute
2014-04-20 10:23 - 2014-04-20 10:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 10:19 - 2014-04-20 10:18 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\Program Files\Java
2014-04-19 23:48 - 2014-04-19 23:48 - 00516276 _____ () C:\Users\Florian\Downloads\Zen World Free 10 Drop Sounds Bank.fxb
2014-04-19 23:47 - 2014-04-19 23:47 - 02688123 _____ () C:\Users\Florian\Downloads\Zen World 10 Esential Kicks Non-Vip  Edition.zip
2014-04-19 22:35 - 2014-04-18 00:15 - 3232193962 _____ () C:\Users\Florian\Downloads\Swedish.House.Mafia.Leave.The.World.Behind.2014.1080p.WEB-DL.H264-PublicHD.mkv
2014-04-19 22:07 - 2014-04-19 22:09 - 28679799 _____ () C:\Users\Florian\Downloads\We Are Legend (Levito Edit)[FLP Project].zip
2014-04-19 22:07 - 2014-04-19 22:09 - 26797560 _____ () C:\Users\Florian\Downloads\Sentido (Levito Edit)[FLP Project].zip
2014-04-19 18:13 - 2014-04-19 19:49 - 2751463282 _____ () C:\Users\Florian\Downloads\#DECADE.zip
2014-04-19 14:00 - 2014-04-19 14:00 - 00000000 ____D () C:\Users\Florian\Downloads\Swedish House Mafia - One Last Tour A Live Soundtrack
2014-04-19 13:51 - 2014-04-19 13:58 - 127042534 _____ () C:\Users\Florian\Downloads\Swedishk.part3.rar
2014-04-19 13:38 - 2014-04-19 13:52 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part2.rar
2014-04-19 13:27 - 2014-04-19 13:38 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part1.rar
2014-04-19 11:19 - 2014-04-23 11:12 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-19 08:11 - 2014-04-19 14:08 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part3.rar
2014-04-19 08:11 - 2014-04-19 13:19 - 125085831 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part4.rar
2014-04-18 23:29 - 2014-04-19 13:27 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part2.rar
2014-04-18 23:29 - 2014-04-19 13:01 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part1.rar
2014-04-18 23:29 - 2014-04-18 23:29 - 00001476 _____ () C:\Users\Florian\Downloads\hw227k439kr044a-share-online.biz.dlc
2014-04-18 14:21 - 2014-04-18 14:21 - 00000955 _____ () C:\Users\Florian\Downloads\Buy_Now_-_For_Sale_(Steve_Angello__Sebastian_Ingrosso_Mix)__Hardfire2002_20070507170020.mid
2014-04-14 17:06 - 2014-04-14 17:06 - 00010920 _____ () C:\Users\Florian\Downloads\HÜ9-Berechnung.xlsx
2014-04-11 00:26 - 2014-04-11 00:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-10 23:18 - 2014-04-10 23:20 - 00000000 ____D () C:\Program Files\Recuva
2014-04-10 23:18 - 2014-04-10 23:18 - 03161056 _____ (Piriform Ltd) C:\Users\Florian\Downloads\rcsetup151_slim.exe
2014-04-10 23:18 - 2014-04-10 23:18 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-04-10 23:09 - 2014-04-10 23:11 - 00000000 ____D () C:\Users\Florian\Desktop\Data
2014-04-10 23:08 - 2014-04-10 23:08 - 00103669 _____ () C:\Users\Florian\Downloads\excel_v06.7z
2014-04-10 23:08 - 2012-07-02 17:08 - 00146432 _____ () C:\Users\Florian\Desktop\Exporter.xls
2014-04-10 23:08 - 2011-06-28 02:09 - 00019456 _____ () C:\Users\Florian\Desktop\ExcelExporter.exe
2014-04-10 23:08 - 2008-04-07 15:12 - 00184320 _____ () C:\Users\Florian\Desktop\Exporter.exe
2014-04-10 23:06 - 2014-04-10 23:08 - 00000000 ____D () C:\Users\Florian\Downloads\Lachi Editor
2014-04-10 23:06 - 2014-04-10 23:06 - 01181825 _____ () C:\Users\Florian\Downloads\lachiseditor_v13.rar
2014-04-10 19:46 - 2014-04-10 19:46 - 00000000 ____D () C:\Users\Florian\Downloads\TV Noise - The Hold (DanteMusic Remake) + FLP
2014-04-10 19:23 - 2014-04-10 19:23 - 01865408 _____ () C:\Users\Florian\Downloads\VES2 FX Impact 34.wav
2014-04-10 19:21 - 2014-04-10 19:21 - 00340100 _____ () C:\Users\Florian\Downloads\VES1 FX Downlifter 101.wav
2014-04-09 16:14 - 2014-04-09 16:22 - 00000000 ____D () C:\Users\Florian\Downloads\reFX Nexus v2.2 with skins and expansion Packs
2014-04-09 13:21 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 13:21 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 13:21 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 13:21 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 13:21 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 13:21 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 13:21 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 13:21 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-09 13:20 - 2014-04-09 13:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:19 - 2014-04-09 13:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-08 19:47 - 2014-04-23 18:07 - 00012803 _____ () C:\Users\Florian\Desktop\Ardennen.xlsx
2014-04-08 15:45 - 2014-04-08 15:45 - 00000165 ____H () C:\Users\Florian\Desktop\~$Cobblers.xlsx
2014-04-08 13:30 - 2014-04-08 13:30 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-08 12:20 - 2014-04-23 15:01 - 00016921 _____ () C:\Users\Florian\Desktop\Cobblers.xlsx
2014-04-08 11:38 - 2014-04-08 11:53 - 682205800 _____ () C:\Users\Florian\Downloads\stock.vzw_root66.7z
2014-04-08 11:20 - 2013-03-29 07:11 - 00276480 _____ (Samsung) C:\Users\Florian\Downloads\SS_DL.dll
2014-04-07 15:20 - 2013-09-30 12:07 - 02290688 _____ (Samsung Electronics Co., Ltd.) C:\Users\Florian\Desktop\Odin3 v3.09.exe
2014-04-07 15:20 - 2013-09-30 12:07 - 00000682 _____ () C:\Users\Florian\Desktop\Odin3.ini
2014-04-07 13:11 - 2014-04-07 13:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 11:35 - 2014-04-03 11:35 - 00000000 ____D () C:\Users\Florian\Downloads\Miami to Ibiza flp
2014-04-03 10:57 - 2014-04-03 10:57 - 02649626 _____ () C:\Users\Florian\Downloads\BigRoom Loop.wav
2014-04-03 10:04 - 2014-04-03 11:34 - 18328331 _____ () C:\Users\Florian\Downloads\218ттттт (1).zip
2014-04-03 09:41 - 2014-04-03 09:41 - 19374829 _____ () C:\Users\Florian\Downloads\BigRoom.zip
2014-04-01 10:57 - 2013-12-01 12:40 - 00304788 _____ () C:\Users\Florian\Downloads\FDB13v20.cdb
2014-04-01 00:30 - 2014-04-01 00:30 - 05619110 _____ () C:\Users\Florian\Downloads\miami82remake.zip
2014-03-31 20:59 - 2014-03-31 20:59 - 13905441 _____ () C:\Users\Florian\Downloads\Project Resources (Important!).rar
2014-03-31 20:59 - 2014-03-31 20:59 - 06744483 _____ () C:\Users\Florian\Downloads\FLP (Updated Mar. 29, 2014).flp
2014-03-31 20:20 - 2014-03-31 20:20 - 00000000 ____D () C:\Users\Florian\Downloads\RegKey
2014-03-31 19:41 - 2014-03-31 20:09 - 84080737 _____ () C:\Users\Florian\Downloads\Vlad_FLST_11.1_Update.7z
2014-03-31 13:57 - 2014-03-31 13:57 - 00001416 _____ () C:\Users\Florian\Downloads\Violin Solo 2.fxp
2014-03-31 10:45 - 2014-03-31 10:46 - 18597723 _____ () C:\Users\Florian\Downloads\La_Fleche_Wallonne_1.zip
2014-03-31 10:44 - 2014-03-31 10:45 - 09812032 _____ () C:\Users\Florian\Downloads\Amstel_Gold_Race_1.zip
2014-03-27 13:39 - 2014-03-27 13:39 - 13977004 _____ () C:\Users\Florian\Downloads\Nightlife Remake.zip

==================== One Month Modified Files and Folders =======

2014-04-23 18:48 - 2014-04-23 18:47 - 00039699 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-04-23 18:48 - 2014-04-23 18:44 - 00023352 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-04-23 18:48 - 2014-04-23 18:44 - 00000000 ____D () C:\FRST
2014-04-23 18:44 - 2014-04-23 18:43 - 02061312 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-04-23 18:43 - 2013-11-15 16:58 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A30183E2-CD30-4DA2-9AEE-2D64E1281149}
2014-04-23 18:40 - 2013-05-01 12:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-23 18:35 - 2014-03-04 20:58 - 01432071 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-23 18:33 - 2013-07-30 19:04 - 01748936 _____ () C:\Users\Florian\Desktop\WETTMANAGER.xlsx
2014-04-23 18:31 - 2014-04-23 18:31 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-23 18:28 - 2013-12-10 21:47 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\ClassicShell
2014-04-23 18:25 - 2013-04-29 18:51 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-480759746-1148897681-289319097-1001
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\Program Files\ESET
2014-04-23 18:21 - 2014-01-17 14:22 - 00000000 ____D () C:\Games
2014-04-23 18:20 - 2014-04-23 18:20 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-04-23 18:18 - 2014-04-23 18:16 - 81604608 _____ () C:\Users\Florian\Downloads\ess_nt64_deu.msi
2014-04-23 18:07 - 2014-04-08 19:47 - 00012803 _____ () C:\Users\Florian\Desktop\Ardennen.xlsx
2014-04-23 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-23 16:49 - 2013-05-02 00:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Dropbox
2014-04-23 16:48 - 2013-11-13 19:28 - 00000000 __RDO () C:\Users\Florian\SkyDrive
2014-04-23 16:48 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-23 16:48 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-23 16:48 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-23 16:47 - 2013-05-02 00:21 - 00000000 ___RD () C:\Users\Florian\Dropbox
2014-04-23 16:45 - 2014-02-11 22:33 - 00000000 ____D () C:\Users\Florian\AppData\Local\Deployment
2014-04-23 16:44 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-23 16:43 - 2014-04-23 16:43 - 05207312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 16:18 - 2013-05-02 16:42 - 01132032 ___SH () C:\Users\Florian\Desktop\Thumbs.db
2014-04-23 16:04 - 2014-04-23 16:04 - 00000165 ____H () C:\Users\Florian\Desktop\~$Ardennen.xlsx
2014-04-23 15:01 - 2014-04-08 12:20 - 00016921 _____ () C:\Users\Florian\Desktop\Cobblers.xlsx
2014-04-23 11:12 - 2014-04-19 11:19 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-23 11:12 - 2013-06-27 22:00 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Azureus
2014-04-23 11:12 - 2013-06-19 22:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-23 10:56 - 2013-04-29 21:19 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2014-04-23 10:33 - 2013-06-25 13:39 - 00000000 ____D () C:\Users\Florian\Documents\Outlook-Dateien
2014-04-20 17:10 - 2013-05-01 18:26 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\vlc
2014-04-20 17:00 - 2014-04-20 15:15 - 00000000 ____D () C:\Users\Florian\Desktop\SIZE Tribute
2014-04-20 15:45 - 2014-04-20 15:40 - 76042684 _____ () C:\Users\Florian\Downloads\Blinders Unreleased Remix Pack.zip
2014-04-20 15:02 - 2013-08-26 19:43 - 01686528 ___SH () C:\Users\Florian\Downloads\Thumbs.db
2014-04-20 10:23 - 2014-04-20 10:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 10:18 - 2014-04-20 10:19 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\Program Files\Java
2014-04-19 23:48 - 2014-04-19 23:48 - 00516276 _____ () C:\Users\Florian\Downloads\Zen World Free 10 Drop Sounds Bank.fxb
2014-04-19 23:47 - 2014-04-19 23:47 - 02688123 _____ () C:\Users\Florian\Downloads\Zen World 10 Esential Kicks Non-Vip  Edition.zip
2014-04-19 22:09 - 2014-04-19 22:07 - 28679799 _____ () C:\Users\Florian\Downloads\We Are Legend (Levito Edit)[FLP Project].zip
2014-04-19 22:09 - 2014-04-19 22:07 - 26797560 _____ () C:\Users\Florian\Downloads\Sentido (Levito Edit)[FLP Project].zip
2014-04-19 19:49 - 2014-04-19 18:13 - 2751463282 _____ () C:\Users\Florian\Downloads\#DECADE.zip
2014-04-19 14:08 - 2014-04-19 08:11 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part3.rar
2014-04-19 14:00 - 2014-04-19 14:00 - 00000000 ____D () C:\Users\Florian\Downloads\Swedish House Mafia - One Last Tour A Live Soundtrack
2014-04-19 13:58 - 2014-04-19 13:51 - 127042534 _____ () C:\Users\Florian\Downloads\Swedishk.part3.rar
2014-04-19 13:52 - 2014-04-19 13:38 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part2.rar
2014-04-19 13:38 - 2014-04-19 13:27 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part1.rar
2014-04-19 13:27 - 2014-04-18 23:29 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part2.rar
2014-04-19 13:19 - 2014-04-19 08:11 - 125085831 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part4.rar
2014-04-19 13:01 - 2014-04-18 23:29 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part1.rar
2014-04-18 23:29 - 2014-04-18 23:29 - 00001476 _____ () C:\Users\Florian\Downloads\hw227k439kr044a-share-online.biz.dlc
2014-04-18 18:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-18 14:21 - 2014-04-18 14:21 - 00000955 _____ () C:\Users\Florian\Downloads\Buy_Now_-_For_Sale_(Steve_Angello__Sebastian_Ingrosso_Mix)__Hardfire2002_20070507170020.mid
2014-04-18 00:15 - 2014-04-19 22:35 - 3232193962 _____ () C:\Users\Florian\Downloads\Swedish.House.Mafia.Leave.The.World.Behind.2014.1080p.WEB-DL.H264-PublicHD.mkv
2014-04-15 11:09 - 2013-04-29 18:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\Packages
2014-04-15 10:48 - 2013-04-29 18:50 - 00000000 ____D () C:\Update
2014-04-14 22:29 - 2013-02-01 04:41 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-14 22:03 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-14 17:06 - 2014-04-14 17:06 - 00010920 _____ () C:\Users\Florian\Downloads\HÜ9-Berechnung.xlsx
2014-04-12 18:10 - 2013-11-13 18:56 - 00000000 ____D () C:\Users\Florian
2014-04-11 02:32 - 2013-06-21 01:51 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Pro Cycling Manager 2013
2014-04-11 01:58 - 2013-06-21 01:51 - 00000000 ____D () C:\Users\Florian\Documents\Pro Cycling Manager 2013
2014-04-11 00:26 - 2014-04-11 00:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-11 00:26 - 2013-08-17 18:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-11 00:26 - 2013-02-01 04:27 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-04-11 00:24 - 2013-05-01 16:18 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-10 23:20 - 2014-04-10 23:18 - 00000000 ____D () C:\Program Files\Recuva
2014-04-10 23:18 - 2014-04-10 23:18 - 03161056 _____ (Piriform Ltd) C:\Users\Florian\Downloads\rcsetup151_slim.exe
2014-04-10 23:18 - 2014-04-10 23:18 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-04-10 23:11 - 2014-04-10 23:09 - 00000000 ____D () C:\Users\Florian\Desktop\Data
2014-04-10 23:08 - 2014-04-10 23:08 - 00103669 _____ () C:\Users\Florian\Downloads\excel_v06.7z
2014-04-10 23:08 - 2014-04-10 23:06 - 00000000 ____D () C:\Users\Florian\Downloads\Lachi Editor
2014-04-10 23:06 - 2014-04-10 23:06 - 01181825 _____ () C:\Users\Florian\Downloads\lachiseditor_v13.rar
2014-04-10 19:46 - 2014-04-10 19:46 - 00000000 ____D () C:\Users\Florian\Downloads\TV Noise - The Hold (DanteMusic Remake) + FLP
2014-04-10 19:23 - 2014-04-10 19:23 - 01865408 _____ () C:\Users\Florian\Downloads\VES2 FX Impact 34.wav
2014-04-10 19:21 - 2014-04-10 19:21 - 00340100 _____ () C:\Users\Florian\Downloads\VES1 FX Downlifter 101.wav
2014-04-09 16:22 - 2014-04-09 16:14 - 00000000 ____D () C:\Users\Florian\Downloads\reFX Nexus v2.2 with skins and expansion Packs
2014-04-09 13:20 - 2014-04-09 13:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:19 - 2014-04-09 13:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-08 19:12 - 2013-05-02 17:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-08 15:45 - 2014-04-08 15:45 - 00000165 ____H () C:\Users\Florian\Desktop\~$Cobblers.xlsx
2014-04-08 13:30 - 2014-04-08 13:30 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-08 11:53 - 2014-04-08 11:38 - 682205800 _____ () C:\Users\Florian\Downloads\stock.vzw_root66.7z
2014-04-07 13:12 - 2014-04-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 23:09 - 2013-07-30 18:14 - 00000000 ____D () C:\Users\Florian\Desktop\Uni
2014-04-06 23:09 - 2013-07-30 18:12 - 00000000 ____D () C:\Users\Florian\Desktop\PDFs and Screens
2014-04-06 23:08 - 2013-06-25 10:49 - 00000000 ____D () C:\Users\Florian\Desktop\FL Studio
2014-04-03 11:35 - 2014-04-03 11:35 - 00000000 ____D () C:\Users\Florian\Downloads\Miami to Ibiza flp
2014-04-03 11:34 - 2014-04-03 10:04 - 18328331 _____ () C:\Users\Florian\Downloads\218ттттт (1).zip
2014-04-03 10:57 - 2014-04-03 10:57 - 02649626 _____ () C:\Users\Florian\Downloads\BigRoom Loop.wav
2014-04-03 09:41 - 2014-04-03 09:41 - 19374829 _____ () C:\Users\Florian\Downloads\BigRoom.zip
2014-04-01 00:30 - 2014-04-01 00:30 - 05619110 _____ () C:\Users\Florian\Downloads\miami82remake.zip
2014-03-31 23:40 - 2013-05-01 19:54 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FlowStone
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 20:59 - 2014-03-31 20:59 - 13905441 _____ () C:\Users\Florian\Downloads\Project Resources (Important!).rar
2014-03-31 20:59 - 2014-03-31 20:59 - 06744483 _____ () C:\Users\Florian\Downloads\FLP (Updated Mar. 29, 2014).flp
2014-03-31 20:20 - 2014-03-31 20:20 - 00000000 ____D () C:\Users\Florian\Downloads\RegKey
2014-03-31 20:09 - 2014-03-31 19:41 - 84080737 _____ () C:\Users\Florian\Downloads\Vlad_FLST_11.1_Update.7z
2014-03-31 13:57 - 2014-03-31 13:57 - 00001416 _____ () C:\Users\Florian\Downloads\Violin Solo 2.fxp
2014-03-31 10:46 - 2014-03-31 10:45 - 18597723 _____ () C:\Users\Florian\Downloads\La_Fleche_Wallonne_1.zip
2014-03-31 10:45 - 2014-03-31 10:44 - 09812032 _____ () C:\Users\Florian\Downloads\Amstel_Gold_Race_1.zip
2014-03-31 03:16 - 2014-04-09 13:21 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-31 01:57 - 2014-04-09 13:21 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 11:33 - 2013-04-29 19:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-27 13:39 - 2014-03-27 13:39 - 13977004 _____ () C:\Users\Florian\Downloads\Nightlife Remake.zip

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\avgnt.exe
C:\Users\Florian\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-24 13:19

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Florian at 2014-04-23 18:49:22
Running from C:\Users\Florian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DJ OldGames Package: Grand Prix 2 (HKLM-x32\...\GrandPrix267) (Version: 1.0.3.0 - DJ)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FeedReader (HKLM-x32\...\FeedReader_is1) (Version:  - i-Systems Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Football Manager 2014 Editor (HKLM-x32\...\Steam App 242460) (Version:  - )
Football Manager 2014 Resource Archiver (HKLM-x32\...\Steam App 242480) (Version:  - )
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KMSnano 22 (HKLM\...\KMSnano 22_is1) (Version: KMSnano 22 - )
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Melodyne 3.2 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.2.0202 - Celemony Software GmbH)
Melodyne 3.2 (x32 Version: 3.2.0202 - Celemony Software GmbH) Hidden
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Midnight Mysteries: Devil on the Mississippi (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mixed In Key 2.5 (HKLM-x32\...\Mixed In Key) (Version: 2.5 - )
MotoGP(TM)13 (HKLM-x32\...\{4B784CE7-7CDB-4AF1-B636-2DC3EA51EA87}) (Version: 1.00.0000 - Milestone)
MotoGP(TM)13 (x32 Version: 1.00.0000 - Milestone) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Opera Next 17.0.1241.18 (HKLM-x32\...\Opera 17.0.1241.18) (Version: 17.0.1241.18 - Opera Software ASA)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PCM Fast Editor (HKCU\...\b4e96ac10814a05a) (Version: 2.1.0.0 - PCM Fast Editor)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.30 - SAP AG)
SAP GUI for Windows 7.30 (HKLM-x32\...\SAPGUI710) (Version: 7.30 Compilation 1 - SAP)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.3 - Synaptics Incorporated)
Tour de France 2013 - Der offizielle Radsport-Manager Version 1 (HKLM-x32\...\Pro Cycling Manager 2013_is1) (Version: 1.0.2.0 - Cyanide)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WOW (HKLM-x32\...\WOW) (Version: 1.0 - Sugar Bytes)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Restore Points  =========================

23-04-2014 16:21:12 ESET Smart Security wurde installiert

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01B42094-D639-40E5-9EA2-50883B9937DA} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1171645F-726F-44DA-900E-9F0C5D32D186} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-11] (Microsoft Corporation)
Task: {1B4D49AF-BF06-46F4-A5E1-87CCCB0DD5CD} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {1EA4DD31-4029-4575-B48B-23A5202EE147} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21B7ABE8-2CAA-4417-B6B1-D9D84A99C606} - System32\Tasks\Sony Corporation\VAIO Care Rescue Tool => C:\Windows\Temp\VAIO Care Rescue Tool.vbs
Task: {24BCA533-0053-4010-A9EF-0B6CE941599D} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41FB8702-7359-4841-A226-F46551CF4B0F} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-30] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5496C584-8D97-4E05-A3D1-4C7759B7D769} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {664646F9-20AF-4C8B-8033-145CD7782980} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DAE5136-421B-4650-B997-7BA2B10F8914} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E4689EC-5CC0-43E9-9B8D-E3D32560412C} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {80241D31-0D12-4C7D-B2E5-98FBAB799898} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {8237692F-E635-4827-9085-2A6F496D6E48} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {837A6961-7440-4086-878E-34E26AE77695} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AC402B4-398D-4CF9-ACA6-5BE08F49B2F2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B4BBC08D-58F0-41C3-92BB-EE6556D5CEC7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {BA692A69-627B-4D0E-8FEF-6FA5EE74C34F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {C44B50F1-BA34-464E-BA6C-D4D76D07B329} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {C5F48EBE-D246-4722-9013-5F5D68164367} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {C68D1F58-C9C0-4DB7-9ADE-6D2BA274797C} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C735A74F-C9F3-4375-AF70-40C64EC6B72B} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {CE85A2EC-963D-48FC-B3CF-45D7A46D8B80} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DF6F2EF5-3A15-411B-A7F5-61148A84A912} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {E598A586-C637-44A2-8133-860E11D39609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E617B5AD-887B-4EC4-93A2-08C078527E91} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-...@gmx.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ECA5F738-6D6C-42FE-89BD-AB97A5365CAB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {EFE12686-2973-435A-A0CA-077BF4166866} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {F564DD9F-7B21-4D48-8F08-75736B2E2D3B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 16:13 - 2013-08-23 15:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-02 16:13 - 2013-10-31 10:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-02 16:13 - 2013-10-31 10:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-18 23:58 - 2013-06-18 23:58 - 00739328 _____ () C:\Users\Florian\AppData\Local\Apps\2.0\585GMAVG.QNA\GA630GOZ.C98\pcmf..tion_c1e7c94c1be0ad92_0002.0001_506a9e03f002d25d\PCM Fast Editor.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2014-03-29 11:33 - 2014-03-19 12:00 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-11-13 14:01 - 2013-11-13 14:01 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-01-15 18:43 - 2014-01-15 18:43 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libglesv2.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libegl.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\ffmpegsumo.dll
2013-02-01 04:33 - 2012-07-18 07:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Florian\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth VDP Device
Description: Bluetooth VDP Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_VDP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 04:47:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.9600.16384, Zeitstempel: 0x5215d4c4
Name des fehlerhaften Moduls: MSSRCH.DLL, Version: 7.0.9600.16384, Zeitstempel: 0x5215d425
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006dbe
ID des fehlerhaften Prozesses: 0xed0
Startzeit der fehlerhaften Anwendung: 0xSearchIndexer.exe0
Pfad der fehlerhaften Anwendung: SearchIndexer.exe1
Pfad des fehlerhaften Moduls: SearchIndexer.exe2
Berichtskennung: SearchIndexer.exe3
Vollständiger Name des fehlerhaften Pakets: SearchIndexer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchIndexer.exe5

Error: (04/23/2014 09:46:22 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/21/2014 06:07:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/20/2014 09:49:00 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/19/2014 11:32:16 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/19/2014 11:22:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.9600.16384, Zeitstempel: 0x5215d4c4
Name des fehlerhaften Moduls: MSSRCH.DLL, Version: 7.0.9600.16384, Zeitstempel: 0x5215d425
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006dbe
ID des fehlerhaften Prozesses: 0x4ac
Startzeit der fehlerhaften Anwendung: 0xSearchIndexer.exe0
Pfad der fehlerhaften Anwendung: SearchIndexer.exe1
Pfad des fehlerhaften Moduls: SearchIndexer.exe2
Berichtskennung: SearchIndexer.exe3
Vollständiger Name des fehlerhaften Pakets: SearchIndexer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchIndexer.exe5

Error: (04/18/2014 11:15:18 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/17/2014 09:45:13 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/15/2014 11:03:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.9600.16384, Zeitstempel: 0x5215d4c4
Name des fehlerhaften Moduls: MSSRCH.DLL, Version: 7.0.9600.16384, Zeitstempel: 0x5215d425
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006dbe
ID des fehlerhaften Prozesses: 0xec8
Startzeit der fehlerhaften Anwendung: 0xSearchIndexer.exe0
Pfad der fehlerhaften Anwendung: SearchIndexer.exe1
Pfad des fehlerhaften Moduls: SearchIndexer.exe2
Berichtskennung: SearchIndexer.exe3
Vollständiger Name des fehlerhaften Pakets: SearchIndexer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchIndexer.exe5

Error: (04/15/2014 11:21:21 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005


System errors:
=============
Error: (04/23/2014 06:23:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ESET Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/23/2014 04:50:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (04/23/2014 04:47:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 04:45:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ExpressCache erreicht.

Error: (04/23/2014 04:44:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee PC Task Scheduler Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/23/2014 04:44:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee PC Task Scheduler Service erreicht.

Error: (04/23/2014 04:44:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/23/2014 04:44:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (04/23/2014 04:43:19 PM) (Source: Microsoft-Windows-HAL) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (04/23/2014 04:44:03 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎23.‎04.‎2014 um 16:23:02 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (04/23/2014 04:47:09 PM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbeed001cf5f02bbeedf63C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL25315638-caf6-11e3-bfbf-a41731e6f94c

Error: (04/23/2014 09:46:22 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/21/2014 06:07:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/20/2014 09:49:00 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/19/2014 11:32:16 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/19/2014 11:22:15 AM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe4ac01cf5bb0b4e90beeC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL185c6321-c7a4-11e3-bfbd-a41731e6f94c

Error: (04/18/2014 11:15:18 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/17/2014 09:45:13 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/15/2014 11:03:55 PM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbeec801cf58ee0cf7f610C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL73e29dde-c4e1-11e3-bfbc-a41731e6f94c

Error: (04/15/2014 11:21:21 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005


CodeIntegrity Errors:
===================================
  Date: 2014-03-13 09:36:41.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:41.155
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.767
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.198
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 3975.27 MB
Available physical RAM: 1526.29 MB
Total Pagefile: 6023.27 MB
Available Pagefile: 3492.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.23 GB) (Free:11.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 97A91315)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22 GB) (Disk ID: 1E13C576)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---


Und falls noch weitere Scans erforderlich sind, bitte darauf hinweisen, ich bin da echt kein Experte. :dankeschoen:

M-K-D-B 23.04.2014 18:36
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
    Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
    Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.






Bitte alle Tools auf dem Desktop abspeichern, nicht im Downloadordner!





Ich sehe nur ein bisschen Adware, darum kümmern wir uns erst mal. :)

Gibt es Probleme mit dem Rechner?




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden zwei Logdateien erzeugt. Poste mir diese.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

ppanther1 23.04.2014 20:16
Merci!

Nein, es gibt keine Probleme, nur war ich etwas verunsichert.

Code:
# AdwCleaner v3.202 - Bericht erstellt am 23/04/2014 um 21:09:06
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Florian - VAIO
# Gestartet von : C:\Users\Florian\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Florian\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Florian\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\pdfforge
Datei Gelöscht : C:\END

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Conduit

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1833 octets] - [23/04/2014 19:56:25]
AdwCleaner[S0].txt - [1714 octets] - [23/04/2014 21:09:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1774 octets] ##########

M-K-D-B 24.04.2014 09:13
Servus,



fehlen noch die Logdateien von MBAM und FRST.

ppanther1 25.04.2014 08:15
Sorry, ich hatte gestern keinen Zugang zu meinem PC.

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23.04.2014
Scan Time: 21:48:37
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.23.08
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Florian

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283346
Time Elapsed: 29 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Florian (administrator) on VAIO on 25-04-2014 09:11:16
Running from C:\Users\Florian\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-11-09] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1826496 2014-04-22] (Valve Corporation)
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\MountPoints2: {72b10914-3a94-11e3-bf2b-5453ed3765ed} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-480759746-1148897681-289319097-1001\...\MountPoints2: {a314f7fb-d678-11e2-be9f-a41731e6f94c} - "D:\SETUP.EXE"
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKCU - {9103806E-03CF-4EF1-B6C9-5E822DF23297} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A79DA6DA-D390-4A5F-BD8C-96ACC244AC11} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3305104&CUI=UN16871039762619913&UM=2
SearchScopes: HKCU - {DC9F28B0-31EF-495F-8FA9-7D2616C272CE} URL = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} -  No File
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default
FF NetworkProxy: "http", "202.43.188.156"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: anonymoX - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default\Extensions\client@anonymox.net.xpi [2013-11-02]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\0eyblsge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-02]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-04-23]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-19] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-06-16] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-11-09] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-13] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 09:11 - 2014-04-25 09:11 - 00000000 ____D () C:\Users\Florian\Downloads\FRST-OlderVersion
2014-04-25 09:09 - 2014-04-25 09:09 - 00001036 _____ () C:\Users\Florian\Downloads\MBAM.txt
2014-04-24 18:23 - 2014-04-24 19:20 - 524953794 _____ () C:\Users\Florian\Downloads\iZotope BreakTweaker VST2,VST3,RTAS (v1.0.0.573 WIN - x86, x64) [zippy-music.com].rar
2014-04-24 00:59 - 2014-04-24 00:59 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pcciclismo 2013
2014-04-24 00:48 - 2014-04-24 00:49 - 957058317 _____ () C:\Users\Florian\Downloads\pcciclismo2013(1).exe
2014-04-24 00:25 - 2004-09-12 14:26 - 00729088 _____ () C:\Users\Florian\Desktop\Edit.exe
2014-04-23 23:25 - 2014-04-23 23:25 - 05207312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 23:25 - 2014-04-23 23:25 - 00748088 _____ () C:\WINDOWS\Minidump\042314-47703-01.dmp
2014-04-23 23:10 - 2000-03-16 18:10 - 00164864 _____ () C:\WINDOWS\SysWOW64\patchw32.dll
2014-04-23 23:09 - 2014-04-23 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Ciclismo 2001
2014-04-23 23:09 - 2014-04-23 23:09 - 00000000 ____D () C:\Program Files (x86)\Dinamic Multimedia
2014-04-23 19:56 - 2014-04-23 21:09 - 00000000 ____D () C:\AdwCleaner
2014-04-23 19:39 - 2014-04-23 19:39 - 01365865 _____ () C:\Users\Florian\Downloads\adwcleaner.exe
2014-04-23 19:03 - 2014-04-25 09:09 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 19:02 - 2014-04-23 19:02 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 19:02 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-23 19:02 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-23 19:02 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-23 19:01 - 2014-04-23 19:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-23 18:47 - 2014-04-23 18:50 - 00039179 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-04-23 18:44 - 2014-04-25 09:11 - 00023006 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-04-23 18:44 - 2014-04-25 09:11 - 00000000 ____D () C:\FRST
2014-04-23 18:43 - 2014-04-25 09:11 - 02061824 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\Program Files\ESET
2014-04-23 18:16 - 2014-04-23 18:18 - 81604608 _____ () C:\Users\Florian\Downloads\ess_nt64_deu.msi
2014-04-23 16:04 - 2014-04-23 16:04 - 00000165 ____H () C:\Users\Florian\Desktop\~$Ardennen.xlsx
2014-04-20 15:40 - 2014-04-20 15:45 - 76042684 _____ () C:\Users\Florian\Downloads\Blinders Unreleased Remix Pack.zip
2014-04-20 15:15 - 2014-04-20 17:00 - 00000000 ____D () C:\Users\Florian\Desktop\SIZE Tribute
2014-04-20 10:23 - 2014-04-20 10:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 10:19 - 2014-04-20 10:18 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\Program Files\Java
2014-04-19 23:48 - 2014-04-19 23:48 - 00516276 _____ () C:\Users\Florian\Downloads\Zen World Free 10 Drop Sounds Bank.fxb
2014-04-19 23:47 - 2014-04-19 23:47 - 02688123 _____ () C:\Users\Florian\Downloads\Zen World 10 Esential Kicks Non-Vip  Edition.zip
2014-04-19 22:35 - 2014-04-18 00:15 - 3232193962 _____ () C:\Users\Florian\Downloads\Swedish.House.Mafia.Leave.The.World.Behind.2014.1080p.WEB-DL.H264-PublicHD.mkv
2014-04-19 22:07 - 2014-04-19 22:09 - 28679799 _____ () C:\Users\Florian\Downloads\We Are Legend (Levito Edit)[FLP Project].zip
2014-04-19 22:07 - 2014-04-19 22:09 - 26797560 _____ () C:\Users\Florian\Downloads\Sentido (Levito Edit)[FLP Project].zip
2014-04-19 18:13 - 2014-04-19 19:49 - 2751463282 _____ () C:\Users\Florian\Downloads\#DECADE.zip
2014-04-19 14:00 - 2014-04-19 14:00 - 00000000 ____D () C:\Users\Florian\Downloads\Swedish House Mafia - One Last Tour A Live Soundtrack
2014-04-19 13:51 - 2014-04-19 13:58 - 127042534 _____ () C:\Users\Florian\Downloads\Swedishk.part3.rar
2014-04-19 13:38 - 2014-04-19 13:52 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part2.rar
2014-04-19 13:27 - 2014-04-19 13:38 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part1.rar
2014-04-19 11:19 - 2014-04-23 23:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-19 08:11 - 2014-04-19 14:08 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part3.rar
2014-04-19 08:11 - 2014-04-19 13:19 - 125085831 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part4.rar
2014-04-18 23:29 - 2014-04-19 13:27 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part2.rar
2014-04-18 23:29 - 2014-04-19 13:01 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part1.rar
2014-04-18 23:29 - 2014-04-18 23:29 - 00001476 _____ () C:\Users\Florian\Downloads\hw227k439kr044a-share-online.biz.dlc
2014-04-18 14:21 - 2014-04-18 14:21 - 00000955 _____ () C:\Users\Florian\Downloads\Buy_Now_-_For_Sale_(Steve_Angello__Sebastian_Ingrosso_Mix)__Hardfire2002_20070507170020.mid
2014-04-14 22:29 - 2014-04-14 22:29 - 00000998 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-04-14 17:06 - 2014-04-14 17:06 - 00010920 _____ () C:\Users\Florian\Downloads\HÜ9-Berechnung.xlsx
2014-04-11 00:26 - 2014-04-11 00:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-10 23:18 - 2014-04-10 23:20 - 00000000 ____D () C:\Program Files\Recuva
2014-04-10 23:18 - 2014-04-10 23:18 - 03161056 _____ (Piriform Ltd) C:\Users\Florian\Downloads\rcsetup151_slim.exe
2014-04-10 23:18 - 2014-04-10 23:18 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-04-10 23:09 - 2014-04-10 23:11 - 00000000 ____D () C:\Users\Florian\Desktop\Data
2014-04-10 23:08 - 2014-04-10 23:08 - 00103669 _____ () C:\Users\Florian\Downloads\excel_v06.7z
2014-04-10 23:08 - 2012-07-02 17:08 - 00146432 _____ () C:\Users\Florian\Desktop\Exporter.xls
2014-04-10 23:08 - 2011-06-28 02:09 - 00019456 _____ () C:\Users\Florian\Desktop\ExcelExporter.exe
2014-04-10 23:08 - 2008-04-07 15:12 - 00184320 _____ () C:\Users\Florian\Desktop\Exporter.exe
2014-04-10 23:06 - 2014-04-10 23:08 - 00000000 ____D () C:\Users\Florian\Downloads\Lachi Editor
2014-04-10 23:06 - 2014-04-10 23:06 - 01181825 _____ () C:\Users\Florian\Downloads\lachiseditor_v13.rar
2014-04-10 19:46 - 2014-04-10 19:46 - 00000000 ____D () C:\Users\Florian\Downloads\TV Noise - The Hold (DanteMusic Remake) + FLP
2014-04-10 19:23 - 2014-04-10 19:23 - 01865408 _____ () C:\Users\Florian\Downloads\VES2 FX Impact 34.wav
2014-04-10 19:21 - 2014-04-10 19:21 - 00340100 _____ () C:\Users\Florian\Downloads\VES1 FX Downlifter 101.wav
2014-04-09 16:14 - 2014-04-09 16:22 - 00000000 ____D () C:\Users\Florian\Downloads\reFX Nexus v2.2 with skins and expansion Packs
2014-04-09 13:21 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 13:21 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 13:21 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 13:21 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 13:21 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 13:21 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 13:21 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 13:21 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-09 13:20 - 2014-04-09 13:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:19 - 2014-04-09 13:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-08 19:47 - 2014-04-23 18:07 - 00012803 _____ () C:\Users\Florian\Desktop\Ardennen.xlsx
2014-04-08 15:45 - 2014-04-08 15:45 - 00000165 ____H () C:\Users\Florian\Desktop\~$Cobblers.xlsx
2014-04-08 13:30 - 2014-04-08 13:30 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-08 12:20 - 2014-04-23 15:01 - 00016921 _____ () C:\Users\Florian\Desktop\Cobblers.xlsx
2014-04-08 11:38 - 2014-04-08 11:53 - 682205800 _____ () C:\Users\Florian\Downloads\stock.vzw_root66.7z
2014-04-08 11:20 - 2013-03-29 07:11 - 00276480 _____ (Samsung) C:\Users\Florian\Downloads\SS_DL.dll
2014-04-07 15:20 - 2013-09-30 12:07 - 02290688 _____ (Samsung Electronics Co., Ltd.) C:\Users\Florian\Desktop\Odin3 v3.09.exe
2014-04-07 15:20 - 2013-09-30 12:07 - 00000682 _____ () C:\Users\Florian\Desktop\Odin3.ini
2014-04-07 13:11 - 2014-04-07 13:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 11:35 - 2014-04-03 11:35 - 00000000 ____D () C:\Users\Florian\Downloads\Miami to Ibiza flp
2014-04-03 10:57 - 2014-04-03 10:57 - 02649626 _____ () C:\Users\Florian\Downloads\BigRoom Loop.wav
2014-04-03 10:04 - 2014-04-03 11:34 - 18328331 _____ () C:\Users\Florian\Downloads\218ттттт (1).zip
2014-04-03 09:41 - 2014-04-03 09:41 - 19374829 _____ () C:\Users\Florian\Downloads\BigRoom.zip
2014-04-01 10:57 - 2013-12-01 12:40 - 00304788 _____ () C:\Users\Florian\Downloads\FDB13v20.cdb
2014-04-01 00:30 - 2014-04-01 00:30 - 05619110 _____ () C:\Users\Florian\Downloads\miami82remake.zip
2014-03-31 20:59 - 2014-03-31 20:59 - 13905441 _____ () C:\Users\Florian\Downloads\Project Resources (Important!).rar
2014-03-31 20:59 - 2014-03-31 20:59 - 06744483 _____ () C:\Users\Florian\Downloads\FLP (Updated Mar. 29, 2014).flp
2014-03-31 20:20 - 2014-03-31 20:20 - 00000000 ____D () C:\Users\Florian\Downloads\RegKey
2014-03-31 19:41 - 2014-03-31 20:09 - 84080737 _____ () C:\Users\Florian\Downloads\Vlad_FLST_11.1_Update.7z
2014-03-31 13:57 - 2014-03-31 13:57 - 00001416 _____ () C:\Users\Florian\Downloads\Violin Solo 2.fxp
2014-03-31 10:45 - 2014-03-31 10:46 - 18597723 _____ () C:\Users\Florian\Downloads\La_Fleche_Wallonne_1.zip
2014-03-31 10:44 - 2014-03-31 10:45 - 09812032 _____ () C:\Users\Florian\Downloads\Amstel_Gold_Race_1.zip
2014-03-27 13:39 - 2014-03-27 13:39 - 13977004 _____ () C:\Users\Florian\Downloads\Nightlife Remake.zip

==================== One Month Modified Files and Folders =======

2014-04-25 09:11 - 2014-04-25 09:11 - 00000000 ____D () C:\Users\Florian\Downloads\FRST-OlderVersion
2014-04-25 09:11 - 2014-04-23 18:44 - 00023006 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-04-25 09:11 - 2014-04-23 18:44 - 00000000 ____D () C:\FRST
2014-04-25 09:11 - 2014-04-23 18:43 - 02061824 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-04-25 09:10 - 2013-12-10 21:47 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\ClassicShell
2014-04-25 09:09 - 2014-04-25 09:09 - 00001036 _____ () C:\Users\Florian\Downloads\MBAM.txt
2014-04-25 09:09 - 2014-04-23 19:03 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-25 08:58 - 2013-11-15 16:58 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A30183E2-CD30-4DA2-9AEE-2D64E1281149}
2014-04-25 08:58 - 2013-07-30 19:04 - 01754580 _____ () C:\Users\Florian\Desktop\WETTMANAGER.xlsx
2014-04-25 08:40 - 2013-05-01 12:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-25 08:27 - 2013-04-29 21:19 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2014-04-25 06:01 - 2014-03-04 20:58 - 01549857 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-24 19:20 - 2014-04-24 18:23 - 524953794 _____ () C:\Users\Florian\Downloads\iZotope BreakTweaker VST2,VST3,RTAS (v1.0.0.573 WIN - x86, x64) [zippy-music.com].rar
2014-04-24 11:40 - 2013-06-21 01:51 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Pro Cycling Manager 2013
2014-04-24 11:37 - 2013-06-21 01:51 - 00000000 ____D () C:\Users\Florian\Documents\Pro Cycling Manager 2013
2014-04-24 11:37 - 2013-06-19 22:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-24 11:29 - 2014-02-11 22:33 - 00000000 ____D () C:\Users\Florian\AppData\Local\Deployment
2014-04-24 00:59 - 2014-04-24 00:59 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pcciclismo 2013
2014-04-24 00:59 - 2013-04-29 18:51 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-480759746-1148897681-289319097-1001
2014-04-24 00:49 - 2014-04-24 00:48 - 957058317 _____ () C:\Users\Florian\Downloads\pcciclismo2013(1).exe
2014-04-24 00:31 - 2013-05-02 00:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Dropbox
2014-04-24 00:30 - 2013-05-02 00:21 - 00000000 ___RD () C:\Users\Florian\Dropbox
2014-04-24 00:27 - 2013-11-13 19:28 - 00000000 __RDO () C:\Users\Florian\SkyDrive
2014-04-23 23:32 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-23 23:32 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-23 23:32 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-23 23:29 - 2013-11-13 18:56 - 00000000 ____D () C:\Users\Florian
2014-04-23 23:29 - 2013-05-02 16:42 - 01132032 ___SH () C:\Users\Florian\Desktop\Thumbs.db
2014-04-23 23:25 - 2014-04-23 23:25 - 05207312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 23:25 - 2014-04-23 23:25 - 00748088 _____ () C:\WINDOWS\Minidump\042314-47703-01.dmp
2014-04-23 23:25 - 2014-04-19 11:19 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-23 23:25 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-23 23:09 - 2014-04-23 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Ciclismo 2001
2014-04-23 23:09 - 2014-04-23 23:09 - 00000000 ____D () C:\Program Files (x86)\Dinamic Multimedia
2014-04-23 23:09 - 2013-02-01 04:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-23 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-04-23 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-23 21:09 - 2014-04-23 19:56 - 00000000 ____D () C:\AdwCleaner
2014-04-23 19:39 - 2014-04-23 19:39 - 01365865 _____ () C:\Users\Florian\Downloads\adwcleaner.exe
2014-04-23 19:02 - 2014-04-23 19:02 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 19:02 - 2014-04-23 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 19:02 - 2014-04-23 19:01 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-23 18:50 - 2014-04-23 18:47 - 00039179 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\ProgramData\ESET
2014-04-23 18:22 - 2014-04-23 18:22 - 00000000 ____D () C:\Program Files\ESET
2014-04-23 18:21 - 2014-01-17 14:22 - 00000000 ____D () C:\Games
2014-04-23 18:18 - 2014-04-23 18:16 - 81604608 _____ () C:\Users\Florian\Downloads\ess_nt64_deu.msi
2014-04-23 18:07 - 2014-04-08 19:47 - 00012803 _____ () C:\Users\Florian\Desktop\Ardennen.xlsx
2014-04-23 16:04 - 2014-04-23 16:04 - 00000165 ____H () C:\Users\Florian\Desktop\~$Ardennen.xlsx
2014-04-23 15:01 - 2014-04-08 12:20 - 00016921 _____ () C:\Users\Florian\Desktop\Cobblers.xlsx
2014-04-23 11:12 - 2013-06-27 22:00 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Azureus
2014-04-23 10:33 - 2013-06-25 13:39 - 00000000 ____D () C:\Users\Florian\Documents\Outlook-Dateien
2014-04-20 17:10 - 2013-05-01 18:26 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\vlc
2014-04-20 17:00 - 2014-04-20 15:15 - 00000000 ____D () C:\Users\Florian\Desktop\SIZE Tribute
2014-04-20 15:45 - 2014-04-20 15:40 - 76042684 _____ () C:\Users\Florian\Downloads\Blinders Unreleased Remix Pack.zip
2014-04-20 15:02 - 2013-08-26 19:43 - 01686528 ___SH () C:\Users\Florian\Downloads\Thumbs.db
2014-04-20 10:23 - 2014-04-20 10:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-20 10:23 - 2014-04-20 10:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 10:23 - 2014-04-20 10:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 10:18 - 2014-04-20 10:19 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-20 10:18 - 2014-04-20 10:18 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 10:18 - 2014-04-20 10:18 - 00000000 ____D () C:\Program Files\Java
2014-04-19 23:48 - 2014-04-19 23:48 - 00516276 _____ () C:\Users\Florian\Downloads\Zen World Free 10 Drop Sounds Bank.fxb
2014-04-19 23:47 - 2014-04-19 23:47 - 02688123 _____ () C:\Users\Florian\Downloads\Zen World 10 Esential Kicks Non-Vip  Edition.zip
2014-04-19 22:09 - 2014-04-19 22:07 - 28679799 _____ () C:\Users\Florian\Downloads\We Are Legend (Levito Edit)[FLP Project].zip
2014-04-19 22:09 - 2014-04-19 22:07 - 26797560 _____ () C:\Users\Florian\Downloads\Sentido (Levito Edit)[FLP Project].zip
2014-04-19 19:49 - 2014-04-19 18:13 - 2751463282 _____ () C:\Users\Florian\Downloads\#DECADE.zip
2014-04-19 14:08 - 2014-04-19 08:11 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part3.rar
2014-04-19 14:00 - 2014-04-19 14:00 - 00000000 ____D () C:\Users\Florian\Downloads\Swedish House Mafia - One Last Tour A Live Soundtrack
2014-04-19 13:58 - 2014-04-19 13:51 - 127042534 _____ () C:\Users\Florian\Downloads\Swedishk.part3.rar
2014-04-19 13:52 - 2014-04-19 13:38 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part2.rar
2014-04-19 13:38 - 2014-04-19 13:27 - 209715200 _____ () C:\Users\Florian\Downloads\Swedishk.part1.rar
2014-04-19 13:27 - 2014-04-18 23:29 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part2.rar
2014-04-19 13:19 - 2014-04-19 08:11 - 125085831 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part4.rar
2014-04-19 13:01 - 2014-04-18 23:29 - 1046478851 _____ () C:\Users\Florian\Downloads\[web]ltwb14-1080.part1.rar
2014-04-18 23:29 - 2014-04-18 23:29 - 00001476 _____ () C:\Users\Florian\Downloads\hw227k439kr044a-share-online.biz.dlc
2014-04-18 18:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-18 14:21 - 2014-04-18 14:21 - 00000955 _____ () C:\Users\Florian\Downloads\Buy_Now_-_For_Sale_(Steve_Angello__Sebastian_Ingrosso_Mix)__Hardfire2002_20070507170020.mid
2014-04-18 00:15 - 2014-04-19 22:35 - 3232193962 _____ () C:\Users\Florian\Downloads\Swedish.House.Mafia.Leave.The.World.Behind.2014.1080p.WEB-DL.H264-PublicHD.mkv
2014-04-15 11:09 - 2013-04-29 18:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\Packages
2014-04-15 10:48 - 2013-04-29 18:50 - 00000000 ____D () C:\Update
2014-04-14 22:29 - 2014-04-14 22:29 - 00000998 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-04-14 22:29 - 2013-02-01 04:41 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-14 17:06 - 2014-04-14 17:06 - 00010920 _____ () C:\Users\Florian\Downloads\HÜ9-Berechnung.xlsx
2014-04-11 00:26 - 2014-04-11 00:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-11 00:26 - 2013-08-17 18:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-11 00:26 - 2013-02-01 04:27 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-04-11 00:24 - 2013-05-01 16:18 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-10 23:20 - 2014-04-10 23:18 - 00000000 ____D () C:\Program Files\Recuva
2014-04-10 23:18 - 2014-04-10 23:18 - 03161056 _____ (Piriform Ltd) C:\Users\Florian\Downloads\rcsetup151_slim.exe
2014-04-10 23:18 - 2014-04-10 23:18 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-04-10 23:11 - 2014-04-10 23:09 - 00000000 ____D () C:\Users\Florian\Desktop\Data
2014-04-10 23:08 - 2014-04-10 23:08 - 00103669 _____ () C:\Users\Florian\Downloads\excel_v06.7z
2014-04-10 23:08 - 2014-04-10 23:06 - 00000000 ____D () C:\Users\Florian\Downloads\Lachi Editor
2014-04-10 23:06 - 2014-04-10 23:06 - 01181825 _____ () C:\Users\Florian\Downloads\lachiseditor_v13.rar
2014-04-10 19:46 - 2014-04-10 19:46 - 00000000 ____D () C:\Users\Florian\Downloads\TV Noise - The Hold (DanteMusic Remake) + FLP
2014-04-10 19:23 - 2014-04-10 19:23 - 01865408 _____ () C:\Users\Florian\Downloads\VES2 FX Impact 34.wav
2014-04-10 19:21 - 2014-04-10 19:21 - 00340100 _____ () C:\Users\Florian\Downloads\VES1 FX Downlifter 101.wav
2014-04-09 16:22 - 2014-04-09 16:14 - 00000000 ____D () C:\Users\Florian\Downloads\reFX Nexus v2.2 with skins and expansion Packs
2014-04-09 13:20 - 2014-04-09 13:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:19 - 2014-04-09 13:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-08 19:12 - 2013-05-02 17:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-08 15:45 - 2014-04-08 15:45 - 00000165 ____H () C:\Users\Florian\Desktop\~$Cobblers.xlsx
2014-04-08 13:30 - 2014-04-08 13:30 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-08 11:53 - 2014-04-08 11:38 - 682205800 _____ () C:\Users\Florian\Downloads\stock.vzw_root66.7z
2014-04-07 13:12 - 2014-04-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-06 23:09 - 2013-07-30 18:14 - 00000000 ____D () C:\Users\Florian\Desktop\Uni
2014-04-06 23:09 - 2013-07-30 18:12 - 00000000 ____D () C:\Users\Florian\Desktop\PDFs and Screens
2014-04-06 23:08 - 2013-06-25 10:49 - 00000000 ____D () C:\Users\Florian\Desktop\FL Studio
2014-04-03 11:35 - 2014-04-03 11:35 - 00000000 ____D () C:\Users\Florian\Downloads\Miami to Ibiza flp
2014-04-03 11:34 - 2014-04-03 10:04 - 18328331 _____ () C:\Users\Florian\Downloads\218ттттт (1).zip
2014-04-03 10:57 - 2014-04-03 10:57 - 02649626 _____ () C:\Users\Florian\Downloads\BigRoom Loop.wav
2014-04-03 09:51 - 2014-04-23 19:02 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 19:02 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 19:02 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-03 09:41 - 2014-04-03 09:41 - 19374829 _____ () C:\Users\Florian\Downloads\BigRoom.zip
2014-04-01 00:30 - 2014-04-01 00:30 - 05619110 _____ () C:\Users\Florian\Downloads\miami82remake.zip
2014-03-31 23:40 - 2013-05-01 19:54 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FlowStone
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 20:59 - 2014-03-31 20:59 - 13905441 _____ () C:\Users\Florian\Downloads\Project Resources (Important!).rar
2014-03-31 20:59 - 2014-03-31 20:59 - 06744483 _____ () C:\Users\Florian\Downloads\FLP (Updated Mar. 29, 2014).flp
2014-03-31 20:38 - 2013-05-01 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-03-31 20:20 - 2014-03-31 20:20 - 00000000 ____D () C:\Users\Florian\Downloads\RegKey
2014-03-31 20:09 - 2014-03-31 19:41 - 84080737 _____ () C:\Users\Florian\Downloads\Vlad_FLST_11.1_Update.7z
2014-03-31 13:57 - 2014-03-31 13:57 - 00001416 _____ () C:\Users\Florian\Downloads\Violin Solo 2.fxp
2014-03-31 10:46 - 2014-03-31 10:45 - 18597723 _____ () C:\Users\Florian\Downloads\La_Fleche_Wallonne_1.zip
2014-03-31 10:45 - 2014-03-31 10:44 - 09812032 _____ () C:\Users\Florian\Downloads\Amstel_Gold_Race_1.zip
2014-03-31 03:16 - 2014-04-09 13:21 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-31 01:57 - 2014-04-09 13:21 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 11:33 - 2013-04-29 19:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-27 13:39 - 2014-03-27 13:39 - 13977004 _____ () C:\Users\Florian\Downloads\Nightlife Remake.zip

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\InstHelper.exe
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-24 13:19

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---


[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Florian at 2014-04-25 09:12:19
Running from C:\Users\Florian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DJ OldGames Package: Grand Prix 2 (HKLM-x32\...\GrandPrix267) (Version: 1.0.3.0 - DJ)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FeedReader (HKLM-x32\...\FeedReader_is1) (Version:  - i-Systems Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Football Manager 2014 Editor (HKLM-x32\...\Steam App 242460) (Version:  - )
Football Manager 2014 Resource Archiver (HKLM-x32\...\Steam App 242480) (Version:  - )
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KMSnano 22 (HKLM\...\KMSnano 22_is1) (Version: KMSnano 22 - )
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Melodyne 3.2 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.2.0202 - Celemony Software GmbH)
Melodyne 3.2 (x32 Version: 3.2.0202 - Celemony Software GmbH) Hidden
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Midnight Mysteries: Devil on the Mississippi (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mixed In Key 2.5 (HKLM-x32\...\Mixed In Key) (Version: 2.5 - )
MotoGP(TM)13 (HKLM-x32\...\{4B784CE7-7CDB-4AF1-B636-2DC3EA51EA87}) (Version: 1.00.0000 - Milestone)
MotoGP(TM)13 (x32 Version: 1.00.0000 - Milestone) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Opera Next 17.0.1241.18 (HKLM-x32\...\Opera 17.0.1241.18) (Version: 17.0.1241.18 - Opera Software ASA)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PC Ciclismo 2001 (HKLM-x32\...\{6669B6F1-B656-4B56-8836-F412AB268724}) (Version:  - )
pcciclismo 2013 (HKCU\...\pcciclismo 2013) (Version:  - )
PCM Fast Editor (HKCU\...\b4e96ac10814a05a) (Version: 2.1.0.0 - PCM Fast Editor)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.30 - SAP AG)
SAP GUI for Windows 7.30 (HKLM-x32\...\SAPGUI710) (Version: 7.30 Compilation 1 - SAP)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.3 - Synaptics Incorporated)
Tour de France 2013 - Der offizielle Radsport-Manager Version 1 (HKLM-x32\...\Pro Cycling Manager 2013_is1) (Version: 1.0.2.0 - Cyanide)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WOW (HKLM-x32\...\WOW) (Version: 1.0 - Sugar Bytes)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Restore Points  =========================

23-04-2014 16:21:12 ESET Smart Security wurde installiert

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01B42094-D639-40E5-9EA2-50883B9937DA} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1171645F-726F-44DA-900E-9F0C5D32D186} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-11] (Microsoft Corporation)
Task: {1B4D49AF-BF06-46F4-A5E1-87CCCB0DD5CD} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {1EA4DD31-4029-4575-B48B-23A5202EE147} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21B7ABE8-2CAA-4417-B6B1-D9D84A99C606} - System32\Tasks\Sony Corporation\VAIO Care Rescue Tool => C:\Windows\Temp\VAIO Care Rescue Tool.vbs
Task: {24BCA533-0053-4010-A9EF-0B6CE941599D} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41FB8702-7359-4841-A226-F46551CF4B0F} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-30] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5496C584-8D97-4E05-A3D1-4C7759B7D769} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {664646F9-20AF-4C8B-8033-145CD7782980} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DAE5136-421B-4650-B997-7BA2B10F8914} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E4689EC-5CC0-43E9-9B8D-E3D32560412C} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {80241D31-0D12-4C7D-B2E5-98FBAB799898} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {8237692F-E635-4827-9085-2A6F496D6E48} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {837A6961-7440-4086-878E-34E26AE77695} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AC402B4-398D-4CF9-ACA6-5BE08F49B2F2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B4BBC08D-58F0-41C3-92BB-EE6556D5CEC7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {BA45778A-E7D9-4A86-999E-6146993FCB10} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {BA692A69-627B-4D0E-8FEF-6FA5EE74C34F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {C44B50F1-BA34-464E-BA6C-D4D76D07B329} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {C5F48EBE-D246-4722-9013-5F5D68164367} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {C68D1F58-C9C0-4DB7-9ADE-6D2BA274797C} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C735A74F-C9F3-4375-AF70-40C64EC6B72B} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DF6F2EF5-3A15-411B-A7F5-61148A84A912} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {E598A586-C637-44A2-8133-860E11D39609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E617B5AD-887B-4EC4-93A2-08C078527E91} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-....@gmx.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ECA5F738-6D6C-42FE-89BD-AB97A5365CAB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {EFE12686-2973-435A-A0CA-077BF4166866} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {F564DD9F-7B21-4D48-8F08-75736B2E2D3B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 16:13 - 2013-08-23 15:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-02 16:13 - 2013-10-31 10:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-02 16:13 - 2013-10-31 10:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-03-29 11:33 - 2014-03-19 12:00 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
2013-02-01 04:33 - 2012-07-18 07:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-13 14:01 - 2013-11-13 14:01 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-01-15 18:43 - 2014-01-15 18:43 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Florian\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-02-01 05:04 - 2012-10-04 22:21 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-02-13 23:51 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-24 11:25 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-05-06 17:05 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-06-06 14:06 - 2014-04-22 01:42 - 01135808 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libglesv2.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libegl.dll
2014-03-29 11:33 - 2014-03-19 12:00 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\ffmpegsumo.dll
2013-11-13 14:01 - 2013-11-13 14:01 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-01-15 18:43 - 2014-01-15 18:43 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Florian\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth VDP Device
Description: Bluetooth VDP Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_VDP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 11:53:39 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/24/2014 00:27:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: skydrive.exe, Version: 6.3.9600.16507, Zeitstempel: 0x52ce4d58
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0xskydrive.exe0
Pfad der fehlerhaften Anwendung: skydrive.exe1
Pfad des fehlerhaften Moduls: skydrive.exe2
Berichtskennung: skydrive.exe3
Vollständiger Name des fehlerhaften Pakets: skydrive.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: skydrive.exe5

Error: (04/23/2014 07:49:53 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b40

Startzeit: 01cf5f1badbe7fa1

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: a2335dca-cb0f-11e3-bfbf-a41731e6f94c

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_2.7.0.1002_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (04/23/2014 04:47:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.9600.16384, Zeitstempel: 0x5215d4c4
Name des fehlerhaften Moduls: MSSRCH.DLL, Version: 7.0.9600.16384, Zeitstempel: 0x5215d425
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006dbe
ID des fehlerhaften Prozesses: 0xed0
Startzeit der fehlerhaften Anwendung: 0xSearchIndexer.exe0
Pfad der fehlerhaften Anwendung: SearchIndexer.exe1
Pfad des fehlerhaften Moduls: SearchIndexer.exe2
Berichtskennung: SearchIndexer.exe3
Vollständiger Name des fehlerhaften Pakets: SearchIndexer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchIndexer.exe5

Error: (04/23/2014 09:46:22 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/21/2014 06:07:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/20/2014 09:49:00 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/19/2014 11:32:16 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/19/2014 11:22:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.9600.16384, Zeitstempel: 0x5215d4c4
Name des fehlerhaften Moduls: MSSRCH.DLL, Version: 7.0.9600.16384, Zeitstempel: 0x5215d425
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006dbe
ID des fehlerhaften Prozesses: 0x4ac
Startzeit der fehlerhaften Anwendung: 0xSearchIndexer.exe0
Pfad der fehlerhaften Anwendung: SearchIndexer.exe1
Pfad des fehlerhaften Moduls: SearchIndexer.exe2
Berichtskennung: SearchIndexer.exe3
Vollständiger Name des fehlerhaften Pakets: SearchIndexer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchIndexer.exe5

Error: (04/18/2014 11:15:18 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005


System errors:
=============
Error: (04/24/2014 11:25:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/24/2014 11:25:32 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/24/2014 10:40:25 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/23/2014 11:26:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee PC Task Scheduler Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/23/2014 11:26:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee PC Task Scheduler Service erreicht.

Error: (04/23/2014 11:26:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/23/2014 11:26:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (04/23/2014 11:25:54 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe00005b46060, 0xfffff803d525c840, 0xffffe000047f7580)C:\WINDOWS\MEMORY.DMP042314-47703-01

Error: (04/23/2014 11:25:39 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎23.‎04.‎2014 um 23:18:32 unerwartet heruntergefahren.

Error: (04/23/2014 09:10:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee PC Task Scheduler Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (04/24/2014 11:53:39 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/24/2014 00:27:26 AM) (Source: Application Error)(User: )
Description: skydrive.exe6.3.9600.1650752ce4d58unknown0.0.0.000000000000000000000000000000000dd401cf5f3b219e4605C:\Windows\System32\skydrive.exeunknown721171f7-cb36-11e3-bfc1-a41731e6f94c

Error: (04/23/2014 07:49:53 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164311b4001cf5f1badbe7fa14294967295C:\WINDOWS\syswow64\wwahost.exea2335dca-cb0f-11e3-bfbf-a41731e6f94cMicrosoft.SkypeApp_2.7.0.1002_x86__kzf8qxf38zg5cApp

Error: (04/23/2014 04:47:09 PM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbeed001cf5f02bbeedf63C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL25315638-caf6-11e3-bfbf-a41731e6f94c

Error: (04/23/2014 09:46:22 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/21/2014 06:07:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/20/2014 09:49:00 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/19/2014 11:32:16 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/19/2014 11:22:15 AM) (Source: Application Error)(User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe4ac01cf5bb0b4e90beeC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL185c6321-c7a4-11e3-bfbd-a41731e6f94c

Error: (04/18/2014 11:15:18 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005


CodeIntegrity Errors:
===================================
  Date: 2014-03-13 09:36:41.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:41.155
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.767
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-13 09:36:40.198
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 80%
Total physical RAM: 3975.27 MB
Available physical RAM: 783.66 MB
Total Pagefile: 6023.27 MB
Available Pagefile: 2606.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.23 GB) (Free:4.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 97A91315)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22 GB) (Disk ID: 1E13C576)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---


:dankeschoen:

M-K-D-B 25.04.2014 11:41
Verschiebe bitte die FRST.exe vom Downloadordner (C:\Users\Florian\Downloads) auf den Desktop, sonst funktioniert der Fix mit FRST nicht!





Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss daran räumen wir auf und ich gebe dir noch ein paar Tipps mit auf den Weg.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
SearchScopes: HKCU - {A79DA6DA-D390-4A5F-BD8C-96ACC244AC11} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3305104&CUI=UN16871039762619913&UM=2
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von FRST,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

M-K-D-B 29.04.2014 14:43
Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19