| daniela030 | 18.02.2015 08:43 |
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015
Ran by chica (administrator) on CHICA-PC on 18-02-2015 08:24:42
Running from C:\Users\chica\Documents\Downloads
Loaded Profiles: chica (Available profiles: chica & Gast)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(E-MU Systems) C:\Windows\System32\emaudsv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Users\chica\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\chica\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\chica\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\chica\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\chica\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6295552 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [122880 2008-02-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MarketingTools] => C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [24576 2008-08-24] (Sony Corporation)
HKLM\...\Run: [AML] => C:\Program Files\Sony\VAIO Launcher\AML.exe [1097728 2008-06-13] (Sony)
HKLM\...\Run: [EPSON Stylus DX4200 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE [98304 2005-03-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [454000 2009-02-06] (Microsoft Corporation)
HKLM\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Run: [NSUFloatingUI] => C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-07-30] (Sony Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [NSUFloatingUI] => C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-07-30] (Sony Corporation)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [Google Update] => C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-06] (Google Inc.)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-17] (Google Inc.)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\MountPoints2: {34e9d91d-5d86-11e0-a665-001e101f82a7} - G:\AutoRun.exe
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\MountPoints2: {728f1f67-bcc3-11e1-bd32-001dba8b2fe4} - H:\iStudio.exe
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\MountPoints2: {79a0c175-5dd8-11e0-bff7-001e101fb45e} - H:\AutoRun.exe
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\MountPoints2: {e810ea01-5d83-11e0-8836-00214f4b3d70} - G:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\chica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM -> DefaultScope {19E9452E-77E6-48AA-BBAB-3D81852794D0} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKLM -> {19E9452E-77E6-48AA-BBAB-3D81852794D0} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-3796383576-842236363-3823598806-1000 -> {4F11ACBB-393F-4c86-A214-FF3D0D155CC3} URL = hxxp://search.burn4free-toolbar.com/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Google BAE\BAE.dll (Your Company Name)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3796383576-842236363-3823598806-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3796383576-842236363-3823598806-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-3796383576-842236363-3823598806-1000 -> No Name - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3796383576-842236363-3823598806-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\chica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3796383576-842236363-3823598806-1000: @talk.google.com/O1DPlugin -> C:\Users\chica\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3796383576-842236363-3823598806-1000: @tools.google.com/Google Update;version=3 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3796383576-842236363-3823598806-1000: @tools.google.com/Google Update;version=9 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\chica\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\chica\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-01-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-01-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-01-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-02]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6172\FF
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-01]
CHR Extension: (Google-Suche) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-01]
CHR Extension: (AdBlock) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-23]
CHR Extension: (Facebook Invite Them All) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jladghljinmlokelojmdmblikkifabea [2013-01-09]
CHR Extension: (Skype Click to Call) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-01]
CHR Extension: (Google Wallet) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-01]
CHR Extension: (Auto Select All Facebook Friends) - C:\Users\chica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcjiigginhdhihbdlejjoekeemjaiml [2013-01-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-01-20] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [991536 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 emaudsv; C:\Windows\system32\emaudsv.exe [20992 2007-11-26] (E-MU Systems)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2010-11-04] (Deutsche Telekom AG) [File not signed]
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-07-30] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] () [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-08-06] (Sony Corporation)
R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 Adpasavork; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2015-02-04] (Avira Operations GmbH & Co. KG)
S3 emusba10; C:\Windows\System32\DRIVERS\emusba10.sys [163352 2007-11-26] (E-MU Systems)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [143328 2008-06-28] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2015-02-04] (Avira GmbH)
S3 synasusb; C:\Windows\System32\Drivers\synasusb.sys [23696 2010-09-17] (Steinberg Media Technologies GmbH)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [399424 2009-11-26] (TASCAM)
S3 TASCAM_US122L_MK2_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [26688 2009-11-26] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\System32\drivers\tscusb2a.sys [39488 2009-11-26] (TASCAM)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S2 adfs; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-18 08:24 - 2015-02-18 08:24 - 00000000 ____D () C:\FRST
2015-02-16 02:44 - 2015-02-16 02:44 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-15 07:53 - 2015-02-15 07:54 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\chica\Desktop\SpyHunter-Installer (1).exe
2015-02-15 07:35 - 2015-02-15 07:35 - 00029928 _____ () C:\Users\chica\Desktop\antivirscan FEBRUAR 2015.txt
2015-02-15 03:17 - 2015-02-15 03:17 - 00000000 ____D () C:\Users\chica\AppData\Roaming\Avira
2015-02-15 03:16 - 2015-02-16 02:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-15 03:16 - 2015-02-15 03:16 - 00001847 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-02-15 03:15 - 2015-02-04 17:51 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2015-02-15 03:14 - 2015-02-04 17:51 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-15 03:14 - 2015-02-04 17:51 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-15 03:14 - 2015-02-04 17:51 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-14 20:48 - 2015-02-14 20:48 - 00000000 ____D () C:\OETemp
2015-02-14 20:47 - 2015-02-14 20:47 - 00000000 ____D () C:\Program Files\GUMA7E3.tmp
2015-02-13 03:29 - 2015-02-13 03:29 - 00142344 _____ () C:\Windows\Minidump\Mini021315-01.dmp
2015-02-12 18:54 - 2015-01-12 02:54 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 18:54 - 2015-01-12 02:54 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 18:54 - 2015-01-12 02:54 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 06121472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 03635200 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 01827328 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 18:54 - 2015-01-12 02:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 18:54 - 2015-01-12 02:53 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-02-12 18:54 - 2015-01-12 01:25 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-12 18:54 - 2015-01-12 01:18 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 18:42 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 18:41 - 2015-01-09 01:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 18:40 - 2015-01-13 02:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 18:35 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 18:34 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 00:59 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-10 00:35 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-10 00:35 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-10 00:35 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-10 00:34 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-07 03:27 - 2015-02-07 03:27 - 00000000 ____D () C:\Users\chica\AppData\Roaming\Mozilla
2015-01-29 18:24 - 2015-01-29 18:24 - 00000000 ____D () C:\Users\chica\Desktop\Pressebilder 2015
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-18 08:20 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-18 08:20 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-18 08:16 - 2011-11-30 12:43 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000UA.job
2015-02-18 08:06 - 2015-01-06 06:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-18 08:05 - 2012-04-04 14:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 08:00 - 2010-03-14 01:25 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-18 07:54 - 2009-01-15 19:30 - 01169808 _____ () C:\Windows\WindowsUpdate.log
2015-02-18 07:49 - 2011-04-28 13:46 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-18 07:49 - 2009-06-16 13:05 - 00000000 ____D () C:\Users\chica\AppData\Roaming\WTablet
2015-02-18 07:48 - 2010-03-14 01:25 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 07:48 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-18 06:46 - 2008-08-11 10:29 - 00005332 _____ () C:\Windows\bthservsdp.dat
2015-02-18 06:46 - 2006-11-02 14:01 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-18 04:15 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2015-02-16 02:45 - 2014-08-19 15:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-16 02:44 - 2013-08-05 20:24 - 00000000 ____D () C:\Program Files\Avira
2015-02-16 02:36 - 2010-06-23 22:04 - 00469574 _____ () C:\Windows\PFRO.log
2015-02-15 08:49 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-15 08:07 - 2008-01-21 08:16 - 01545300 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 03:18 - 2013-08-05 20:24 - 00000000 ____D () C:\ProgramData\Avira
2015-02-15 03:15 - 2011-11-30 12:43 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000Core.job
2015-02-13 03:29 - 2009-01-16 18:33 - 00000000 ____D () C:\Windows\Minidump
2015-02-13 03:27 - 2010-05-11 19:33 - 351058048 _____ () C:\Windows\MEMORY.DMP
2015-02-12 19:37 - 2006-11-02 13:47 - 04502736 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 18:54 - 2013-08-15 15:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 18:42 - 2006-11-02 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-12 18:41 - 2008-08-24 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-07 05:11 - 2012-10-01 16:13 - 00002034 _____ () C:\Users\chica\Desktop\Google Chrome.lnk
2015-02-07 03:06 - 2012-04-04 14:10 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-07 03:06 - 2011-05-26 12:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-07 02:38 - 2010-01-24 00:52 - 00000000 ____D () C:\Users\Gast
2015-02-07 02:38 - 2009-01-15 19:34 - 00000000 ____D () C:\Users\chica
2015-02-07 02:38 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2015-02-07 02:38 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-02-07 02:38 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-02-07 02:38 - 2006-11-02 11:22 - 65798144 _____ () C:\Windows\system32\config\software_previous
2015-02-07 02:38 - 2006-11-02 11:22 - 33816576 _____ () C:\Windows\system32\config\system_previous
2015-02-07 02:30 - 2006-11-02 11:22 - 44040192 _____ () C:\Windows\system32\config\components_previous
2015-02-07 02:30 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-01-29 19:35 - 2009-02-22 21:53 - 00000000 ____D () C:\Users\chica\.gimp-2.6
2015-01-29 18:06 - 2006-11-02 11:22 - 00786432 _____ () C:\Windows\system32\config\default_previous
2015-01-29 17:59 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-01-19 05:33 - 2012-01-21 03:33 - 00002564 _____ () C:\ProgramData\hpzinstall.log
2015-01-19 05:31 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\twain_32
2015-01-19 05:29 - 2010-09-27 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessText Group
==================== Files in the root of some directories =======
2009-03-18 23:34 - 2014-09-06 02:40 - 0006372 _____ () C:\Users\chica\AppData\Roaming\wklnhst.dat
2009-01-15 19:34 - 2015-01-10 06:56 - 0002032 _____ () C:\Users\chica\AppData\Local\d3d9caps.dat
2009-01-16 02:11 - 2014-08-23 16:42 - 0121344 _____ () C:\Users\chica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-01-21 00:26 - 2009-01-21 00:26 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-01-21 03:33 - 2015-01-19 05:33 - 0002564 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\chica\AppData\Local\Temp\aiw871828.dll
C:\Users\chica\AppData\Local\Temp\AskSLib.dll
C:\Users\chica\AppData\Local\Temp\avgnt.exe
C:\Users\chica\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\chica\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3uyejw.dll
C:\Users\chica\AppData\Local\Temp\install_flashplayer10_chrd_aih.exe
C:\Users\chica\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\chica\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\chica\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\chica\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\chica\AppData\Local\Temp\PlaySound.dll
C:\Users\chica\AppData\Local\Temp\ResetDevice.exe
C:\Users\chica\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-18 07:57
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-02-2015
Ran by chica at 2015-02-18 08:26:31
Running from C:\Users\chica\Documents\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
ABL 2.5.2 (HKLM\...\AudioRealism Bass Line 2_is1) (Version: - AudioRealism)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{853A4763-6643-4604-8D64-28BDD8925F4C}) (Version: 1.5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{CACAEB5F-174D-4C7C-AC56-A33289A807CA}) (Version: 3.4.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
Arturia Moog Modular V2 v1.0 (HKLM\...\Arturia Moog Modular V2 v1.0) (Version: - )
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - )
Audio Damage DeVerb VST v1.0 (HKLM\...\Audio Damage DeVerb VST v1.0) (Version: - )
Avira (HKLM\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.624 - Avira)
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter (HKLM\...\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}) (Version: 2.5 - Sony Corporation)
Bonjour (HKLM\...\{C2E4B5BD-32DB-4817-A060-341AB17C3F90}) (Version: 2.0.5.0 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{C93F4E7C-1B31-449B-A304-EF277CF55E39}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0717.2343.40629 - Ihr Firmenname) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version: - Piriform)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Convert XLS (HKLM\...\Convert XLS_is1) (Version: - Softinterface, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dolby Control Center (HKLM\...\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}) (Version: 1.2.0702 - Dolby)
Dropbox (HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
eLicenser Control (HKLM\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
ElsterFormular (HKLM\...\ElsterFormular 13.2.0.8623k) (Version: 14.1.11318 - Landesfinanzdirektion Thüringen)
E-MU USB Audio (HKLM\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.0 - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
EuropasWildeWaelder Screensaver (HKLM\...\EuropasWildeWaelder Screensaver) (Version: - )
FabFilter Pro-Q 1.23 (HKLM\...\FabFilter Pro-Q 1.23) (Version: - )
FileZilla Client 3.3.5 (HKLM\...\FileZilla Client) (Version: 3.3.5 - )
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
iTunes (HKLM\...\{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}) (Version: 10.2.2.14 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Korg Kontrol Editor (HKLM\...\{AAE4B36C-7A25-4513-975B-ACE7437572A0}) (Version: 1.00.0018 - KORG Inc.)
KORG USB-MIDI Driver Tools for Windows (HKLM\...\{C962EF10-7539-477A-A0AD-F8CBD0E9F7E5}) (Version: 1.11.0050 - KORG Inc.)
Live 6.0.9 (HKLM\...\Live 6.0.9) (Version: - )
Live 7.0.3 (HKLM\...\Live 7.0.3) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
microKORG SoundEditor (HKLM\...\{EB091860-8C2B-4E49-A543-666373C39E6F}) (Version: 1.00.0000 - KORG Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
minimoog V2 2.0 (HKLM\...\minimoog V2_is1) (Version: - Arturia)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.002.03.02.705 - Huawei Technologies Co.,Ltd)
MP3-DJ 11.2.0 (HKLM\...\MP3-DJ_is1) (Version: - Torsten Hoffmann)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
Native Instruments Absynth 4 (HKLM\...\Native Instruments Absynth 4) (Version: - )
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS (HKLM\...\Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS) (Version: - )
Native Instruments Service Center (HKLM\...\Native Instruments Service Center) (Version: - )
Netzmanager (HKLM\...\Netzmanager) (Version: 1.05 - Deutsche Telekom AG)
Netzmanager (Version: 1.05 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenMG Secure Module 5.1.00 (HKLM\...\InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation)
OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PolarClock3 Screen Saver (HKLM\...\PolarClock3) (Version: - )
Primo (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.1.00.07300 - Sony Corporation)
Skins (Version: 2008.0717.2343.40629 - ATI) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SonicStage Mastering Studio (HKLM\...\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}) (Version: 2.6 - Sony Corporation)
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation) Hidden
SonicStage Mastering Studio Audio Filter (HKLM\...\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}) (Version: 2.5 - Sony Corporation)
SonicStage Mastering Studio Plugins (HKLM\...\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}) (Version: 2.5 - Sony Corporation)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM\...\Sonnox Oxford Limiter Native VST_is1) (Version: - Team AiR 2007)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.4.00 - Sony Corporation)
Stifttablett (HKLM\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
Syncrosoft Lizenz Kontrolle (HKLM\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
Ulead GIF Animator Lite Edition 1.0 (HKLM\...\Ulead GIF Animator Lite Edition 1.0) (Version: - )
Unterstützung für VAIO-Präsentation (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.0.00.04240 - Sony Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version: - )
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{FD72E69E-CF34-4071-BFD6-FD081A365E2C}) (Version: 3.2.00.06115 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{FE697886-F392-4E0D-A0C0-47587BF60992}) (Version: 3.2.00.06062 - Sony Corporation)
VAIO Content Metadata Manager Setting (Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{CB8A8696-93EC-414E-A752-850AB133F68A}) (Version: 3.2.00.06112 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Edit Components 6.4 (HKLM\...\{B7C03E84-AF46-42F4-809D-D4127D9086D0}) (Version: 6.4 - Sony Corporation)
VAIO Energie Verwaltung (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.1.00.08060 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.1.00.07150 - Sony Corporation)
VAIO Guide (HKLM\...\{326DC400-1FC4-4D7D-946D-06D1EAB93200}) (Version: 2.4.00.06190 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.1.00.06130 - Sony Corporation)
VAIO Marketing Tools (HKLM\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM\...\{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}) (Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.00.06240 - Sony Corporation)
VAIO Movie Story (Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.04230 - Sony Corporation)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 2.1.00.07300 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.04090 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.2.00.05200 - Sony Corporation)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.8.2 - Shark007)
VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Vuze (HKLM\...\Vuze) (Version: - Vuze Inc.)
Waves Mercury Bundle (HKLM\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
WIDCOMM Bluetooth Software 6.2.0.4100 (HKLM\...\{E464702F-5433-46EC-8F65-159276C0A54F}) (Version: 6.2.0.4100 - Broadcom Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.572 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3796383576-842236363-3823598806-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD BD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.516 - InterVideo Inc.)
WinDVD BD for VAIO (Version: 8.0-B9.516 - InterVideo Inc.) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\chica\AppData\Local\Google\Chrome\Application\40.0.2214.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chica\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3796383576-842236363-3823598806-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\chica\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
06-01-2015 05:51:47 Entfernt PC Inspector File Recovery
06-01-2015 05:54:26 Removed Windows Media Player Firefox Plugin
06-01-2015 07:48:01 Windows Update
10-01-2015 02:46:50 Windows Update
10-01-2015 03:30:55 Windows Update
10-01-2015 03:41:38 Windows Update
10-01-2015 09:33:59 Windows Update
13-01-2015 15:44:06 Windows Update
19-01-2015 05:23:46 Windows Update
24-01-2015 09:34:58 Windows Update
29-01-2015 18:21:59 Windows Update
07-02-2015 02:58:11 Windows Update
10-02-2015 00:31:36 Windows Update
12-02-2015 18:23:41 Windows Update
15-02-2015 07:39:32 Removed Adobe Media Player
15-02-2015 07:59:55 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {26BE90E1-15E6-4B4F-A4E6-9D6F2420FCC8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3796383576-842236363-3823598806-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {2D9BB4F3-876C-4706-9193-E8919127A80A} - System32\Tasks\{39EE4703-D6DB-4726-A24F-2D2C471C58A4} => pcalua.exe -a C:\Users\chica\Downloads\REDAUD-15505100-XP.EXE -d C:\Users\chica\Downloads
Task: {3CB38AE9-D6C6-403F-B38E-AB9782552EEC} - System32\Tasks\{20DA6615-8025-4249-AC2B-58B132012237} => pcalua.exe -a "C:\MAGIX\mm2005_deLuxe\Synth\CamelSpace VST v1.46 Incl Keygen-AiR\CamelSpaceWin_v1_46.exe" -d "C:\MAGIX\mm2005_deLuxe\Synth\CamelSpace VST v1.46 Incl Keygen-AiR"
Task: {51151640-1ED0-4CC5-9B64-C108C86B7A3F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3796383576-842236363-3823598806-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {514561F6-BA85-4D2D-B653-21AFE978E9C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000UA => C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {51E7DE46-74F6-4914-B286-D192AE5EE3AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
Task: {6C4E48B1-73AF-46BD-BD79-3E3C8CC17E2F} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2008-01-21] (Microsoft Corporation)
Task: {77E158E8-D3CA-4E9C-87D2-9E8995797984} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-04-09] (Sony Corporation)
Task: {7B081F65-1A87-4244-B35B-1963D02E197C} - System32\Tasks\{AD657F90-0784-4418-8555-83845CAC7280} => pcalua.exe -a C:\MAGIX\mm2005_deLuxe\Synth\Arturia_MiniMoog_V_v1.5-DAC\DACSETUP.exe -d C:\MAGIX\mm2005_deLuxe\Synth\Arturia_MiniMoog_V_v1.5-DAC
Task: {8A2C863D-8D0D-4A22-B3EE-20DC5F225399} - System32\Tasks\{7C1E3BA0-3CB3-41CE-9563-A9E7B0935885} => pcalua.exe -a C:\Users\chica\Downloads\epson31627eu(2).exe -d C:\Users\chica\Downloads
Task: {A3A53D2C-032F-4546-9F0E-62D6189B3E95} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {A7C1D029-39AF-426C-824E-5929455B843C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {B01CD1D3-2F6A-4234-A49B-816D14A8DE9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000Core => C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {B0F883AA-A6B6-4B66-A5A4-CCE2847A5DE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
Task: {B8DE2C3B-3311-4EFB-BEB1-BC63461E182E} - System32\Tasks\{3BC72E1D-E191-48D7-92F4-68E456FB20AB} => pcalua.exe -a "H:\Daniela VST\DubbBox.exe" -d "H:\Daniela VST"
Task: {C745DFAA-864C-4E9C-994B-8E64EF33646C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000Core.job => C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796383576-842236363-3823598806-1000UA.job => C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2008-04-30 18:13 - 2008-04-30 18:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-08-11 19:55 - 2008-07-30 01:12 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2010-08-15 23:08 - 2010-11-14 20:44 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2008-07-01 07:43 - 2008-07-01 07:43 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-08-11 11:51 - 2008-07-15 17:04 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2008-08-11 11:51 - 2008-07-15 17:04 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2008-08-24 09:43 - 2008-08-24 09:43 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2007-12-06 14:59 - 2007-12-06 14:59 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-02-07 05:11 - 2015-02-04 10:02 - 09170760 _____ () C:\Users\chica\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Installer_Setup.log:AFP_Resource
AlternateDataStreams: C:\Users\chica\CLIP0219.AVI:AFP_Resource
AlternateDataStreams: C:\Users\chica\CLIP0219.AVI:TOC.WMV
AlternateDataStreams: C:\Users\chica\LUMIERE.wmv:AFP_Resource
AlternateDataStreams: C:\Users\chica\_White__________________M_B.png:AFP_Resource
AlternateDataStreams: C:\Users\chica\Desktop\discography daniela.txt:AFP_Resource
AlternateDataStreams: C:\Users\Public\Computer - Verknüpfung.lnk:AFP_Resource
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3796383576-842236363-3823598806-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\chica\Desktop\Eigene Dateien\pigbeach1.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\chica\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\chica\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-3796383576-842236363-3823598806-500 - Administrator - Disabled)
chica (S-1-5-21-3796383576-842236363-3823598806-1000 - Administrator - Enabled) => C:\Users\chica
Gast (S-1-5-21-3796383576-842236363-3823598806-501 - Limited - Enabled) => C:\Users\Gast
==================== Faulty Device Manager Devices =============
Name: eLicenser
Description: eLicenser
Class Guid: {5c69eefe-3c1e-44ef-8501-f475f902fca7}
Manufacturer: Steinberg Media Technologies GmbH
Service: synasusb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/18/2015 08:00:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0x1034, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 07:53:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0x1100, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 07:51:12 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)
Error: (02/18/2015 07:50:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2015 06:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0xba4, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 05:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0x1174, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 04:00:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0xc3c, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 03:15:34 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHICA\DESKTOP\EIGENE DATEIEN\ABLETON\TRACKMAKING 2014\JAN 2014\HOUSE WASTER\HOUSE WASTER_3_SUPERMASTER FOR CHARLY_2.ALS> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (02/18/2015 03:14:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung GoogleUpdate.exe, Version 1.2.183.9, Zeitstempel 0x4ad50798, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000409, Fehleroffset 0x00009ae2,
Prozess-ID 0x1784, Anwendungsstartzeit GoogleUpdate.exe0.
Error: (02/18/2015 03:12:32 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)
System errors:
=============
Error: (02/18/2015 07:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Google Update Service (gupdate)%%1053
Error: (02/18/2015 07:53:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Google Update Service (gupdate)
Error: (02/18/2015 07:51:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: cdrom
Error: (02/18/2015 07:50:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2
Error: (02/18/2015 07:50:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (02/18/2015 06:21:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000VzCdbSvc
Error: (02/18/2015 03:14:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Google Update Service (gupdate)%%1053
Error: (02/18/2015 03:14:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Google Update Service (gupdate)
Error: (02/18/2015 03:12:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: cdrom
Error: (02/18/2015 03:11:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Netzmanager Infrastruktur Informationssystem Dienst
Microsoft Office Sessions:
=========================
Error: (09/27/2010 09:08:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/27/2010 09:08:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-02-18 08:25:35.119
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 08:25:34.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 08:25:34.511
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 08:25:34.230
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:31:56.804
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:31:56.508
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:31:56.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:31:55.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:17:28.392
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-18 03:17:28.065
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 55%
Total physical RAM: 3038.12 MB
Available physical RAM: 1343.42 MB
Total Pagefile: 6279.25 MB
Available Pagefile: 4197.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.92 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:286.87 GB) (Free:15.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 3E91BAD7)
Partition 1: (Not Active) - (Size=11.2 GB) - (Type=27)
Partition 2: (Active) - (Size=286.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Guten Morgen :)
das ist der Scan vom FRST.
Nachdem der Computer i.d. letzten Jahren von mehreren Leuten genutzt wurde, ich die Systemwiederherstellungs-CD nicht mehr auffindbar. Ich hoffe das es auch ohne gehen wird :§
Danke schonmal für Reinschauen!
LG |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
