
Log analysis and evaluation: adware bprotect

Windows 7: If you have picked up a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

08.09.2013, 12:47   #1
keepsake

adware bprotect

Hello dear helpers,
Antivir reported to me that malware in the form of adware dprotect was found. I moved the affected files to quarantine with Avira.
So far I have run OTL, mbam and AdwCleaner over it. With AdwCleaner I already pressed the Delete button after the scan and rebooted. I only let the other two programs scan, but did not delete anything further.
My laptop doesn't really have any symptoms; I find it is slower than before. But there are no increased pop-ups or anything like that. If you want to know more, I am happy to help. I would just like to get this stupid junk off my computer again.

OTL:logfile
Code:
OTL logfile created on: 07.09.2013 19:28:39 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,04% Memory free
4,22 Gb Paging File | 1,86 Gb Available in Paging File | 44,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 85,71 Gb Total Space | 2,48 Gb Free Space | 2,90% Space Free | Partition Type: NTFS
Drive D: | 3,67 Gb Total Space | 3,46 Gb Free Space | 94,27% Space Free | Partition Type: FAT32

Computer Name: LÄPPI | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Programme\Mendeley Desktop\MendeleyWordPlugin.exe ()
PRC - C:\Programme\Mendeley Desktop\MendeleyDesktop.exe (Mendeley Ltd.)
PRC - C:\Users\XXXX\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\XXXX\AppData\Roaming\Spotify\Data\Spotify WebHelper.exe (Spotify Ltd)
PRC - C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\XXXX\AppData\Local\Temp\Foxit Reader Updater.exe (Foxit Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Programme\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\sony\VAIO Power Management\OPT Drive Power Saving.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\System32\GtFlashSwitch.exe (OptionNV)
PRC - C:\Windows\System32\Gtdetectsc.exe (OptionNV)
PRC - C:\Programme\sony\WWAN\WWAN_reminder.exe (NSCE)
PRC - C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)


========== Modules (No Company Name) ==========

MOD - C:\Programme\Mendeley Desktop\MendeleyWordPlugin.exe ()
MOD - C:\Programme\Mendeley Desktop\Mendeley.dll ()
MOD - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\8ea4590b552b63ce4433042b1bec5bcd\Kies.Theme.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\c33ebf3f502bf3dea9da6d24342334b1\DevicePodcast.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\6812e556337e8e227341c2773cdcd7e5\DeviceVideo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\faf647240faed549d62042f7401b784b\DevicePhoto.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\71cf8fb0e2375141b7ea52ea91d29c95\DeviceMusic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a55f6fcadd38f63761cbc3343d5bd4f3\VideoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\d6ff0d26a5db846d3692364a8cfe6b3e\PodcastService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\386882aa7fffa5b7f48887b4e5e58e66\Podcaster.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\9a058b7d790c9ab295494c6bcb87a85e\PhotoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\97f7960284f0fd1b52d5d39054568c4e\DeviceHost.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\4f7fd72525e490c075581e05b4421e7b\Phonebook.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\22ee8caaf8ecd18c26a90fc73320320f\CPKTMusicPlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d9d7272dd830d904264fb358556dfdcc\MusicManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\c8f91c1f87adb5388e4355ab466b7a4a\EBookManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\9c06dd9add7d7a382a8920a427410138\BATPlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\d6381ee39b47d6ea76cb1bffaebcf33d\AllShareController.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\1a3b7f2d750851d9159eb83d6e8e9cad\Kies.Common.StoreManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\cde96bc29d0e1108d9c9a3c51b094316\Kies.Common.MediaDB.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\a98b395bba3483234cf5f3f13e2c26f6\Kies.Common.AllShare.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a3d8bee773ca26c9a0a8b1d3643deb1d\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\cb84fc991b94ae87e805c7337f830d21\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\371f07e556fd02c7ebf189013100669c\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\00bee429371f9569c1dc5f2b448acdf2\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7448abb44c5c502633060a6cc639e51e\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\16bccf673ecc1c3af893d975389bb486\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9a02e59537e11d521d6f566c37c03383\Kies.Common.DeviceService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\7c3f1d107e40d4d1acf2a79810a921dd\Kies.Common.Multimedia.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\8f3c23224d649605b02f97c4ac374ef1\Kies.Common.MainUI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1e98e1a178984623f3dc6842b7df0f16\Kies.Common.DBManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\70c775e13456b1975ac67f549ee29b53\ICSharpCode.SharpZipLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\f69a0fd8c98acd0d7c0daed896223c1a\Kies.Common.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\98c9133eed4ba2d997a39c56246f9a38\Kies.Locale.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6222abd000d73a556064306b6e3ed4c7\Kies.MVVM.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\e0ea55ba9dca94811b7550c77649b762\Kies.UI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\c53add3b694c642897bc85713ee57ec2\GongSolutions.Wpf.DragDrop.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\043bc768300ba87bbdca3c1b098ebfd4\Kies.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b8e424ef545f262fd6cb9f35b97fc8b9\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f17c7bc239be0eb7661cbcd3cff1ea16\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\6733715b4b716c51b75acfc8163738a9\Kies.ni.exe ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8532e498c23b60bee2e5ffcf4411c86d\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5cc02b72a68b85674a570b126c39ad7d\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\40841519650bcf0de403049960550c20\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2154273cb2d7a8b1a47d672b6d0808bf\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d2382128944d16da8adf76c58fb8e6f1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7b6f508b953eebe51c55ad40f468af2e\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\11467cefb818233a909bdd3426ccab69\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\feb091eff0150ebdd8b28ccfc439824b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\9f5132483649edef1dd6c849fd240da8\Interop.DevFileServiceLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\46e37ca6c73aee2fd773ae739f5324d8\Interop.PRPLAYERCORELib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\eea8db63092ff4b46a05dde0562aa7e5\Interop.DeviceSearchLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll ()
MOD - C:\Users\XXXX\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\XXXX\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\sony\WWAN\Win32Interop.dll ()
MOD - C:\Programme\sony\VAIO Camera Utility\VCULib.dll ()
MOD - C:\Windows\System32\TosCommAPI.dll ()


========== Services (SafeList) ==========

SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (VUAgent) -- C:\Programme\sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$VAIO_VEDB) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (NSUService) -- C:\Programme\sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (GtFlashSwitch) -- C:\Windows\System32\GtFlashSwitch.exe (OptionNV)
SRV - (gtdetectsc) -- C:\Windows\System32\Gtdetectsc.exe (OptionNV)
SRV - (VAIO Event Service) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AvLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Programme\Common Files\Sony Shared\AvLib\SsBeSvc.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) -- C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Programme\sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AvLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AvLib\PACSPTISVR.exe ()


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (acsmux) -- C:\Windows\System32\drivers\acsmux.sys (Cisco Systems, Inc.)
DRV - (acsint) -- C:\Windows\System32\drivers\acsint.sys (Cisco Systems, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (ssudserd) -- C:\Windows\System32\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (sscemdm) -- C:\Windows\System32\drivers\sscemdm.sys (MCCI Corporation)
DRV - (ssceserd) -- C:\Windows\System32\drivers\ssceserd.sys (MCCI Corporation)
DRV - (sscebus) -- C:\Windows\System32\drivers\sscebus.sys (MCCI Corporation)
DRV - (sscemdfl) -- C:\Windows\System32\drivers\sscemdfl.sys (MCCI Corporation)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (GTUQBUS) -- C:\Windows\System32\drivers\gtuqbus.sys (Option N.V.)
DRV - (GTSCSER) -- C:\Windows\System32\drivers\gtscser.sys (Option N.V.)
DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
DRV - (SonyImgF) -- C:\Windows\System32\drivers\SonyImgF.sys (Sony Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (shpf) -- C:\Windows\System32\drivers\shpf.sys (Sony Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (SPI) -- C:\Windows\System32\drivers\SonyPI.sys (Sony Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F9872F96-C881-4FA4-827B-A50BC1CFE4E6}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\..\SearchScopes\{F9872F96-C881-4FA4-827B-A50BC1CFE4E6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_deDE453
IE - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\XXXX\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.10 23:39:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.08.19 21:45:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.09.06 11:13:24 | 000,000,000 | ---D | M]

[2011.10.14 13:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions
[2013.08.20 06:28:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\iiv46cq4.default\extensions
[2013.05.17 19:05:05 | 000,000,000 | ---D | M] (WOT) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\iiv46cq4.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.08.14 07:31:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\iiv46cq4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.11.01 11:41:49 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\extensions\amznUWL2@amazon.com.xpi
[2013.06.23 20:01:25 | 000,613,211 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\extensions\toolbar@web.de.xpi
[2012.12.11 18:22:00 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.08.13 07:30:33 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.08.13 00:21:15 | 000,275,449 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011.12.19 15:04:35 | 000,005,508 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\iiv46cq4.default\searchplugins\webde-suche.xml
[2013.08.19 21:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.08.19 21:48:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.08.19 21:48:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.08.19 21:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.08.19 21:54:47 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.08.19 21:45:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.08.19 21:46:48 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2011.11.10 23:39:51 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO AV Mode Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WWAN_reminder] C:\Programme\sony\WWAN\WWAN_reminder.exe (NSCE)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [Facebook Update] C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004..\Run: [Spotify Web Helper] C:\Users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O7 - HKU\S-1-5-21-1349350522-1392879031-607472974-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\XXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - Reg Error: Value error. File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78A30AB4-6687-4673-B098-B9890A92A86C}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79EC265C-D24C-4A08-A85B-D77A3C8BF3BB}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA47AD90-1313-4EA9-BEAD-B2B58AC19124}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b549f8f4-4585-11e1-9ff3-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{b549f8f4-4585-11e1-9ff3-00a0c6000000}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.09.06 14:33:19 | 000,039,888 | R--- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\acsint.sys
[2013.09.06 12:14:46 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.09.06 12:14:45 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Malwarebytes
[2013.09.06 12:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.09.06 12:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.06 12:14:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.09.06 12:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.09.06 11:39:14 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Bewerbungen
[2013.09.06 10:34:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.03 20:34:47 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Documents\WG
[2013.08.31 00:10:50 | 000,011,152 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\vpncategories.dll
[2013.08.31 00:10:47 | 000,034,192 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\vpnevents.dll
[2013.08.30 23:51:25 | 000,058,320 | R--- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\acsmux.sys
[2013.08.28 23:32:14 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.08.19 21:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.08.19 21:05:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.08.19 21:05:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.08.19 21:05:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.08.19 21:05:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.08.19 21:05:05 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.08.19 21:05:03 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.08.19 21:05:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.08.19 21:04:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.08.14 06:45:06 | 003,603,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.08.14 06:45:06 | 003,551,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.08.14 06:43:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.08.13 23:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SigmaPlot
[2013.08.13 23:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaPlot
[2013.08.13 00:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.08.13 00:50:09 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Avira
[2013.08.13 00:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.08.13 00:21:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.08.13 00:21:01 | 000,136,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.08.13 00:21:01 | 000,088,840 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.08.13 00:21:01 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.08.13 00:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.08.13 00:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.08.09 03:03:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[3 C:\Users\XXXX\Desktop\*.tmp files -> C:\Users\XXXX\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.07 19:47:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.07 19:02:27 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004UA.job
[2013.09.07 17:57:08 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.07 17:57:07 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.07 17:56:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.07 03:18:26 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004Core.job
[2013.09.06 12:16:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.09.06 12:14:20 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.09.06 11:00:15 | 000,002,473 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2013.09.06 10:57:06 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.02 15:25:36 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.09.02 15:25:36 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.08.31 00:10:50 | 000,011,152 | ---- | M] (Cisco Systems, Inc.) -- C:\Windows\System32\vpncategories.dll
[2013.08.31 00:10:47 | 000,034,192 | ---- | M] (Cisco Systems, Inc.) -- C:\Windows\System32\vpnevents.dll
[2013.08.30 23:51:25 | 000,058,320 | R--- | M] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\acsmux.sys
[2013.08.30 23:51:25 | 000,039,888 | R--- | M] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\acsint.sys
[2013.08.28 09:18:07 | 000,000,680 | ---- | M] () -- C:\Users\XXXX\AppData\Local\d3d9caps.dat
[2013.08.20 22:47:39 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.08.20 22:47:39 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.08.19 21:21:12 | 000,742,932 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.08.19 21:21:12 | 000,689,662 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.08.19 21:21:12 | 000,173,622 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.08.19 21:21:12 | 000,139,424 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.08.13 23:55:13 | 000,000,816 | ---- | M] () -- C:\Users\Public\Desktop\SigmaPlot 12.0.lnk
[2013.08.13 23:50:02 | 000,001,025 | ---- | M] () -- C:\Windows\System32\cjgbm28.tgz
[2013.08.13 23:50:02 | 000,001,025 | ---- | M] () -- C:\Windows\System32\cjgbm28.dll
[2013.08.13 23:50:02 | 000,000,218 | ---- | M] () -- C:\Windows\System32\vyg4l5a.tgz
[2013.08.13 23:50:02 | 000,000,204 | ---- | M] () -- C:\Windows\System32\vyg4l5a.dll
[2013.08.13 23:49:57 | 000,001,025 | ---- | M] () -- C:\Windows\System32\grcauth2.dll
[2013.08.13 23:49:57 | 000,001,025 | ---- | M] () -- C:\Windows\System32\grcauth1.dll
[2013.08.13 23:49:57 | 000,000,114 | ---- | M] () -- C:\Windows\System32\prsgrc.tgz
[2013.08.13 23:49:56 | 000,000,100 | ---- | M] () -- C:\Windows\System32\prsgrc.dll
[2013.08.13 23:49:54 | 000,001,025 | ---- | M] () -- C:\Windows\System32\clauth2.dll
[2013.08.13 23:49:54 | 000,001,025 | ---- | M] () -- C:\Windows\System32\clauth1.dll
[2013.08.13 23:49:54 | 000,000,086 | ---- | M] () -- C:\Windows\System32\ssprs.tgz
[2013.08.13 23:49:54 | 000,000,072 | ---- | M] () -- C:\Windows\System32\ssprs.dll
[2013.08.09 20:00:39 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.08.09 20:00:38 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[3 C:\Users\XXXX\Desktop\*.tmp files -> C:\Users\XXXX\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.06 12:14:20 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.08.13 23:55:13 | 000,000,816 | ---- | C] () -- C:\Users\Public\Desktop\SigmaPlot 12.0.lnk
[2013.08.13 23:50:02 | 000,001,025 | ---- | C] () -- C:\Windows\System32\cjgbm28.tgz
[2013.08.13 23:50:02 | 000,001,025 | ---- | C] () -- C:\Windows\System32\cjgbm28.dll
[2013.08.13 23:50:02 | 000,000,204 | ---- | C] () -- C:\Windows\System32\vyg4l5a.dll
[2013.08.13 23:49:57 | 000,001,025 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2013.08.13 23:49:57 | 000,001,025 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2013.08.13 23:49:56 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2013.08.13 23:49:54 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2013.08.13 23:49:54 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2013.08.13 23:49:54 | 000,000,218 | ---- | C] () -- C:\Windows\System32\vyg4l5a.tgz
[2013.08.13 23:49:54 | 000,000,114 | ---- | C] () -- C:\Windows\System32\prsgrc.tgz
[2013.08.13 23:49:54 | 000,000,086 | ---- | C] () -- C:\Windows\System32\ssprs.tgz
[2013.08.13 23:49:54 | 000,000,072 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2013.08.13 23:49:49 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\vd23d61.dll
[2012.08.28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.08.28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.08.28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.08.28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.08.24 13:16:01 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2012.08.24 13:13:39 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2012.02.14 00:09:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2012.01.22 17:56:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.10.27 14:12:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.10.26 23:39:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.10.26 23:39:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.10.26 23:38:11 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.10.18 12:56:41 | 000,000,680 | ---- | C] () -- C:\Users\XXXX\AppData\Local\d3d9caps.dat
[2011.10.17 16:27:26 | 000,042,496 | ---- | C] () -- C:\Users\XXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.13 18:09:22 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.10.13 17:34:13 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2011.10.13 17:30:50 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2010.03.15 21:15:34 | 000,156,430 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

========== ZeroAccess Check ==========

[2006.11.02 14:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.10.13 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Alice Systems
[2012.10.16 13:30:21 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Bildverkleinerer
[2013.06.06 10:50:26 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Canon
[2013.01.13 19:57:48 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\DAEMON Tools Lite
[2013.09.06 11:10:10 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Dropbox
[2012.02.08 13:33:36 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\DVDVideoSoft
[2013.03.03 18:38:27 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\EndNote
[2013.06.06 12:58:38 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Foxit Software
[2012.01.08 18:56:17 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Haenlein-Software
[2012.04.10 13:43:00 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\ICQ
[2011.11.24 19:05:50 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Melanie
[2011.11.22 15:15:36 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Opera
[2012.09.08 17:51:49 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Samsung
[2013.09.06 09:55:18 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Spotify
[2012.04.10 15:09:32 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\TuneUp Software
[2012.02.01 12:15:09 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Vodafone
[2012.03.27 16:49:03 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\www.rene-zeidler.de

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013.09.07 18:01:53 | 096,511,910 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\ꄆᨽᴼˆ
[2013.09.07 18:01:53 | 000,000,000 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\ꄆᨽᴼˆ
[2013.09.06 08:37:09 | 096,304,236 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\㔄㼪ᴼœ
[2013.09.06 08:37:09 | 096,304,236 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\㔄㼪ᴼœ

< End of report >
         
mbam:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.06.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
XXXX :: LÄPPI [Administrator]

06.09.2013 12:18:05
MBAM-log-2013-09-07 (19-20-23).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 473529
Laufzeit: 6 Stunde(n), 40 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\XXXX\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 14
C:\$Recycle.Bin\S-1-5-21-1349350522-1392879031-607472974-1004\$RU18UQD.exe (PUP.Optional.Installex) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\Program Files\ICQ7.6\install_dll\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TS0A1C35\pack[1].7z (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TS0A1C35\WebCakesetup[1].exe (PUP.Optional.Yontoo) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\toolbar3258314.exe (PUP.Optional.Yontoo) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\toolbar3259375.exe (PUP.Optional.DeltaTB) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\6B447BF0-BAB0-7891-8E92-5FE604973E34\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\6B447BF0-BAB0-7891-8E92-5FE604973E34\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\6B447BF0-BAB0-7891-8E92-5FE604973E34\ccp.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\6B447BF0-BAB0-7891-8E92-5FE604973E34\MyDeltaTB.exe (PUP.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\6B447BF0-BAB0-7891-8E92-5FE604973E34\NTRedirect.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\AppData\Local\Temp\7964126B-BAB0-7891-9C9C-F6701A3C360A\Setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\XXXX\Downloads\SoftonicDownloader_for_sigmaplot.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.

(Ende)
         
Code:
# AdwCleaner v3.002 - Bericht erstellt am 06/09/2013 um 10:34:33
# Updated 01/09/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzername : XXXX - LÄPPI
# Gestartet von : C:\Users\XXXX\Downloads\adwcleaner_3002.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gefunden : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\\invalidprefs.js
Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\searchplugins\Babylon.xml
Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\searchplugins\BrowserDefender.xml
Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\user.js
Datei Gefunden : C:\Windows\system32\roboot.exe
Datei Gefunden : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gefunden : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Datei Gefunden : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gefunden : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Ordner Gefunden C:\Inbox
Ordner Gefunden C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files\ExpressFiles
Ordner Gefunden C:\Program Files\RegClean Pro
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gefunden C:\ProgramData\Tarma Installer
Ordner Gefunden C:\Users\XXXX\AppData\Local\Temp\OCS
Ordner Gefunden C:\Users\XXXX\AppData\LocalLow\boost_interprocess
Ordner Gefunden C:\Users\XXXX\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\XXXX\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden C:\Users\XXXX\AppData\Roaming\ExpressFiles
Ordner Gefunden C:\Users\XXXX\AppData\Roaming\pdfforge
Ordner Gefunden C:\Users\XXXX\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Produkt Gefunden : BabylonObjectInstaller
Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\BabSolution
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Delta
Schlüssel Gefunden : HKCU\Software\ExpressFiles
Schlüssel Gefunden : HKCU\Software\Microsoft\Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\59ed8dde269ba43
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\Delta
Schlüssel Gefunden : HKLM\Software\ExpressFiles
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_DEFAULT
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\RegClean Pro_DEFAULT
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\RegClean Pro_UPDATES
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16502

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.babylon.com/?affID=111304&tt=3412_1&babsrc=HP_ss&mntrId=2864fef2000000000000001bfbceb400

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\prefs.js ]

Zeile gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gefunden : user_pref("extensions.BabylonToolbar.id", "2864fef2000000000000001bfbceb400");
Zeile gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15576");
Zeile gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Zeile gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Zeile gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111304&tt=3412_1");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.613:12:37");
Zeile gefunden : user_pref("extensions.delta.admin", false);
Zeile gefunden : user_pref("extensions.delta.aflt", "babsst");
Zeile gefunden : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gefunden : user_pref("extensions.delta.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.delta.dfltLng", "de");
Zeile gefunden : user_pref("extensions.delta.excTlbr", false);
Zeile gefunden : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gefunden : user_pref("extensions.delta.id", "2864fef2000000000000001cbf5660d0");
Zeile gefunden : user_pref("extensions.delta.instlDay", "15929");
Zeile gefunden : user_pref("extensions.delta.instlRef", "sst");
Zeile gefunden : user_pref("extensions.delta.newTab", false);
Zeile gefunden : user_pref("extensions.delta.prdct", "delta");
Zeile gefunden : user_pref("extensions.delta.prtnrId", "delta");
Zeile gefunden : user_pref("extensions.delta.rvrt", "false");
Zeile gefunden : user_pref("extensions.delta.smplGrp", "none");
Zeile gefunden : user_pref("extensions.delta.tlbrId", "base");
Zeile gefunden : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gefunden : user_pref("extensions.delta.vrsn", "1.8.22.0");
Zeile gefunden : user_pref("extensions.delta.vrsnTs", "1.8.22.01:07:22");
Zeile gefunden : user_pref("extensions.delta.vrsni", "1.8.22.0");
Zeile gefunden : user_pref("extensions.delta_i.babExt", "");
Zeile gefunden : user_pref("extensions.delta_i.babTrack", "affID=122303&tt=070813_wt4&tsp=4972");
Zeile gefunden : user_pref("extensions.delta_i.srcExt", "ss");

*************************

AdwCleaner[R0].txt - [9856 octets] - [06/09/2013 10:34:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9916 octets] ##########
         
I will now go through the 4 information-gathering steps as described in the guide for people seeking help. But I thought maybe you could already do something with the log files.

Best regards, your Keepsake

08.09.2013, 13:27   #2
keepsake

adware bprotect

FRTS.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013
Ran by XXXX (administrator) on LÄPPI on 08-09-2013 13:53:04
Running from C:\Users\XXXX\Downloads
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(OptionNV) C:\Windows\system32\gtdetectsc.exe
(OptionNV) C:\Windows\system32\GtFlashSwitch.exe
(Sony Corporation) C:\Program Files\sony\Network Utility\NSUService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\OPT Drive Power Saving.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
(NSCE) C:\Program Files\sony\WWAN\WWAN_reminder.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\sony\Network Utility\LANUtil.exe
(Spotify Ltd) C:\Users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Dropbox, Inc.) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Foxit Corporation) C:\Users\XXXX\AppData\Local\Temp\Foxit Reader Updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
() C:\Program Files\Mendeley Desktop\MendeleyWordPlugin.exe
(Mendeley Ltd.) C:\Program Files\Mendeley Desktop\MendeleyDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\ipmGui.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4399104 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [VAIOCameraUtility] - C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [411768 2007-02-07] (Sony Corporation)
HKLM\...\Run: [AML] - C:\Program Files\Sony\VAIO AV Mode Launcher\AML.exe [1241088 2007-04-11] (Sony)
HKLM\...\Run: [WWAN_reminder] - C:\Program Files\Sony\WWAN\WWAN_reminder.exe [36864 2007-04-19] (NSCE)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-03-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-31] (Cisco Systems, Inc.)
HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-11-05] (Sony Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-11] (Spotify Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [964024 2012-08-31] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [Facebook Update] - C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-03] (Facebook Inc.)
MountPoints2: {b549f8f4-4585-11e1-9ff3-00a0c6000000} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-11-05] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-11-05] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F9872F96-C881-4FA4-827B-A50BC1CFE4E6} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\XXXX\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: amznUWL2 - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: toolbar - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\toolbar@web.de.xpi
FF Extension: No Name - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\iiv46cq4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 gtdetectsc; C:\Windows\system32\gtdetectsc.exe [123208 2007-04-24] (OptionNV)
R2 GtFlashSwitch; C:\Windows\system32\GtFlashSwitch.exe [123208 2007-04-24] (OptionNV)
S3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [299008 2008-11-03] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-03-05] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-04-04] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-03-05] (Sony Corporation)
S2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-03-25] (Vodafone)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-08-31] (Cisco Systems, Inc.)
S3 VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [939624 2012-01-13] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-03-05] (Sony Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]
S3 VAIOMediaPlatform-UCLS-HTTP; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [x]

==================== Drivers (Whitelisted) ====================

R3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 2013-08-30] (Cisco Systems, Inc.)
R3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 2013-08-30] (Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-09] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-13] (DT Soft Ltd)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-04-24] (Option N.V.)
S3 GTSCSER; C:\Windows\System32\DRIVERS\gtscser.sys [20992 2007-04-24] (Option N.V.)
S3 GTUQBUS; C:\Windows\System32\DRIVERS\gtuqbus.sys [36992 2007-04-24] (Option N.V.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-09-06] (Malwarebytes Corporation)
R0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [14720 2007-03-19] (Sony Corporation)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [33792 2006-10-05] (Sony Corporation)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2012-06-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2012-06-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2012-06-27] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [100352 2012-06-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-09] (Avira GmbH)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181344 2012-07-31] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-08-18] (ZTE Corporation)
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [105088 2009-08-18] (ZTE Incorporated)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-08 13:51 - 2013-09-08 13:51 - 01082239 _____ (Farbar) C:\Users\XXXX\Downloads\FRST.exe
2013-09-08 13:50 - 2013-09-08 13:51 - 00000540 _____ C:\Users\XXXX\Downloads\defogger_disable.log
2013-09-08 13:50 - 2013-09-08 13:50 - 00000156 _____ C:\Users\XXXX\defogger_reenable
2013-09-08 13:49 - 2013-09-08 13:49 - 00050477 _____ C:\Users\XXXX\Downloads\Defogger.exe
2013-09-08 12:04 - 2013-09-08 12:04 - 96555248 _____ C:\Windows\system32\ꄆᨽᴼˆ
2013-09-07 20:45 - 2013-09-07 20:45 - 00014779 _____ C:\Users\XXXX\Downloads\XXXX1
2013-09-07 20:15 - 2013-09-07 20:15 - 00121036 _____ C:\Users\XXXX\Desktop\OTL.Txt
2013-09-06 14:33 - 2013-08-30 23:51 - 00039888 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsint.sys
2013-09-06 12:14 - 2013-09-06 12:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-09-06 12:14 - 2013-09-06 12:14 - 00000906 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Malwarebytes
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-06 12:14 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-06 12:12 - 2013-09-06 12:12 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\XXXX\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-06 11:35 - 2013-09-06 11:35 - 00602112 _____ (OldTimer Tools) C:\Users\XXXX\Downloads\OTL(1).exe
2013-09-06 10:34 - 2013-09-06 10:53 - 00000000 ____D C:\AdwCleaner
2013-09-06 10:32 - 2013-09-06 10:32 - 01037134 _____ C:\Users\XXXX\Downloads\adwcleaner_3002.exe
2013-09-06 08:37 - 2013-09-06 08:37 - 96304236 _____ C:\Windows\system32\㔄㼪ᴼœ
2013-09-03 20:34 - 2013-09-03 20:35 - 00000000 ____D C:\Users\XXXX\Documents\WG
2013-08-31 00:10 - 2013-08-31 00:10 - 00034192 _____ (Cisco Systems, Inc.) C:\Windows\system32\vpnevents.dll
2013-08-31 00:10 - 2013-08-31 00:10 - 00011152 _____ (Cisco Systems, Inc.) C:\Windows\system32\vpncategories.dll
2013-08-30 23:51 - 2013-08-30 23:51 - 00058320 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsmux.sys
2013-08-28 23:32 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 21:45 - 2013-08-20 06:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-19 21:05 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 21:05 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 21:05 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-19 21:05 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 21:05 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 21:05 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 21:05 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 21:05 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-19 21:05 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-19 21:05 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 21:05 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 21:05 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-19 21:04 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 21:04 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 21:04 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 21:04 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 06:45 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 06:45 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 06:45 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 06:45 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 06:45 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 06:45 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 06:45 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 06:44 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 06:43 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 23:55 - 2013-08-13 23:55 - 00000816 _____ C:\Users\Public\Desktop\SigmaPlot 12.0.lnk
2013-08-13 23:53 - 2013-08-13 23:53 - 00000000 ____D C:\Program Files\SigmaPlot
2013-08-13 23:50 - 2013-08-13 23:50 - 00001025 _____ C:\Windows\system32\cjgbm28.tgz
2013-08-13 23:50 - 2013-08-13 23:50 - 00001025 _____ C:\Windows\system32\cjgbm28.dll
2013-08-13 23:50 - 2013-08-13 23:50 - 00000204 _____ C:\Windows\system32\vyg4l5a.dll
2013-08-13 23:49 - 2013-08-13 23:50 - 00000218 _____ C:\Windows\system32\vyg4l5a.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\grcauth2.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\grcauth1.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\clauth2.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\clauth1.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00000114 _____ C:\Windows\system32\prsgrc.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00000100 _____ C:\Windows\system32\prsgrc.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00000086 _____ C:\Windows\system32\ssprs.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00000072 _____ C:\Windows\system32\ssprs.dll
2013-08-13 23:49 - 2012-09-28 18:11 - 00000016 ____H C:\Windows\system32\vd23d61.dll
2013-08-13 23:27 - 2013-08-13 23:28 - 00000000 ____D C:\Users\XXXX\Downloads\simaplot
2013-08-13 01:00 - 2013-08-13 01:01 - 07637088 _____ (hxxp://www.express-files.com/) C:\Users\XXXX\Downloads\sigmaplot_12.1_downloader_de_133.exe
2013-08-13 00:53 - 2013-08-13 23:48 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-08-13 00:50 - 2013-08-13 00:50 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Avira
2013-08-13 00:21 - 2013-09-02 15:25 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-13 00:21 - 2013-09-02 15:25 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-13 00:21 - 2013-08-09 20:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-13 00:21 - 2013-08-09 20:00 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-13 00:18 - 2013-08-13 00:21 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 00:18 - 2013-08-13 00:18 - 00000000 ____D C:\Program Files\Avira
2013-08-12 23:57 - 2013-08-12 23:58 - 02092792 _____ C:\Users\XXXX\Downloads\avira_free_antivirus.exe
2013-08-12 23:54 - 2013-08-12 23:54 - 00392000 _____ (Softonic                                        ) C:\Users\XXXX\Downloads\SoftonicDownloader_for_sigmaplot.exe
2013-08-09 03:03 - 2013-08-19 22:01 - 00000000 ____D C:\Windows\system32\MRT

==================== One Month Modified Files and Folders =======

2013-09-08 13:52 - 2013-09-08 13:52 - 00000000 ____D C:\FRST
2013-09-08 13:51 - 2013-09-08 13:51 - 01082239 _____ (Farbar) C:\Users\XXXX\Downloads\FRST.exe
2013-09-08 13:51 - 2013-09-08 13:50 - 00000540 _____ C:\Users\XXXX\Downloads\defogger_disable.log
2013-09-08 13:50 - 2013-09-08 13:50 - 00000156 _____ C:\Users\XXXX\defogger_reenable
2013-09-08 13:50 - 2011-10-13 16:57 - 00000000 ____D C:\Users\XXXX
2013-09-08 13:49 - 2013-09-08 13:49 - 00050477 _____ C:\Users\XXXX\Downloads\Defogger.exe
2013-09-08 13:47 - 2012-04-23 23:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-08 13:46 - 2011-10-13 16:42 - 01869143 _____ C:\Windows\WindowsUpdate.log
2013-09-08 13:10 - 2006-11-02 14:47 - 00003552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-08 13:10 - 2006-11-02 14:47 - 00003552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-08 13:02 - 2013-07-03 21:57 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004UA.job
2013-09-08 12:04 - 2013-09-08 12:04 - 96555248 _____ C:\Windows\system32\ꄆᨽᴼˆ
2013-09-07 22:02 - 2013-07-03 21:57 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004Core.job
2013-09-07 20:45 - 2013-09-07 20:45 - 00014779 _____ C:\Users\XXXX\Downloads\XXXX1
2013-09-07 20:15 - 2013-09-07 20:15 - 00121036 _____ C:\Users\XXXX\Desktop\OTL.Txt
2013-09-07 20:15 - 2012-12-07 18:37 - 00121036 _____ C:\Users\XXXX\Downloads\OTL.Txt
2013-09-06 15:57 - 2013-02-02 14:35 - 00000000 ___RD C:\Users\XXXX\Desktop\MASTERARBEIT
2013-09-06 14:33 - 2012-09-13 10:49 - 00000000 ____D C:\ProgramData\Cisco
2013-09-06 14:33 - 2012-09-13 10:49 - 00000000 ____D C:\Program Files\Cisco
2013-09-06 12:16 - 2013-09-06 12:14 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-09-06 12:14 - 2013-09-06 12:14 - 00000906 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Malwarebytes
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 12:14 - 2013-09-06 12:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-06 12:12 - 2013-09-06 12:12 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\XXXX\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-06 11:35 - 2013-09-06 11:35 - 00602112 _____ (OldTimer Tools) C:\Users\XXXX\Downloads\OTL(1).exe
2013-09-06 11:10 - 2011-12-08 21:06 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Dropbox
2013-09-06 11:03 - 2011-12-08 21:10 - 00000000 ___RD C:\Users\XXXX\Dropbox
2013-09-06 10:57 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 10:55 - 2006-11-02 15:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-06 10:53 - 2013-09-06 10:34 - 00000000 ____D C:\AdwCleaner
2013-09-06 10:52 - 2012-02-08 13:31 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-09-06 10:32 - 2013-09-06 10:32 - 01037134 _____ C:\Users\XXXX\Downloads\adwcleaner_3002.exe
2013-09-06 09:57 - 2012-05-10 23:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-06 09:57 - 2006-11-02 15:00 - 00258720 _____ C:\Windows\PFRO.log
2013-09-06 09:55 - 2012-03-29 13:32 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Spotify
2013-09-06 08:37 - 2013-09-06 08:37 - 96304236 _____ C:\Windows\system32\㔄㼪ᴼœ
2013-09-05 12:33 - 2011-10-17 18:47 - 00000000 ____D C:\Users\XXXX\AppData\Local\Last.fm
2013-09-03 20:35 - 2013-09-03 20:34 - 00000000 ____D C:\Users\XXXX\Documents\WG
2013-09-02 15:25 - 2013-08-13 00:21 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 15:25 - 2013-08-13 00:21 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-01 17:12 - 2012-03-29 13:33 - 00000000 ____D C:\Users\XXXX\AppData\Local\Spotify
2013-08-31 00:10 - 2013-08-31 00:10 - 00034192 _____ (Cisco Systems, Inc.) C:\Windows\system32\vpnevents.dll
2013-08-31 00:10 - 2013-08-31 00:10 - 00011152 _____ (Cisco Systems, Inc.) C:\Windows\system32\vpncategories.dll
2013-08-30 23:51 - 2013-09-06 14:33 - 00039888 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsint.sys
2013-08-30 23:51 - 2013-08-30 23:51 - 00058320 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsmux.sys
2013-08-28 09:18 - 2011-10-18 12:56 - 00000680 _____ C:\Users\XXXX\AppData\Local\d3d9caps.dat
2013-08-20 22:47 - 2012-04-23 23:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 22:47 - 2011-10-14 14:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 06:40 - 2013-08-19 21:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-20 04:09 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-20 04:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-20 03:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-19 22:01 - 2013-08-09 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 21:39 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-19 21:21 - 2006-11-02 12:33 - 01764458 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-13 23:55 - 2013-08-13 23:55 - 00000816 _____ C:\Users\Public\Desktop\SigmaPlot 12.0.lnk
2013-08-13 23:53 - 2013-08-13 23:53 - 00000000 ____D C:\Program Files\SigmaPlot
2013-08-13 23:50 - 2013-08-13 23:50 - 00001025 _____ C:\Windows\system32\cjgbm28.tgz
2013-08-13 23:50 - 2013-08-13 23:50 - 00001025 _____ C:\Windows\system32\cjgbm28.dll
2013-08-13 23:50 - 2013-08-13 23:50 - 00000204 _____ C:\Windows\system32\vyg4l5a.dll
2013-08-13 23:50 - 2013-08-13 23:49 - 00000218 _____ C:\Windows\system32\vyg4l5a.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\grcauth2.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\grcauth1.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\clauth2.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00001025 _____ C:\Windows\system32\clauth1.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00000114 _____ C:\Windows\system32\prsgrc.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00000100 _____ C:\Windows\system32\prsgrc.dll
2013-08-13 23:49 - 2013-08-13 23:49 - 00000086 _____ C:\Windows\system32\ssprs.tgz
2013-08-13 23:49 - 2013-08-13 23:49 - 00000072 _____ C:\Windows\system32\ssprs.dll
2013-08-13 23:48 - 2013-08-13 00:53 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-08-13 23:28 - 2013-08-13 23:27 - 00000000 ____D C:\Users\XXXX\Downloads\simaplot
2013-08-13 01:01 - 2013-08-13 01:00 - 07637088 _____ (hxxp://www.express-files.com/) C:\Users\XXXX\Downloads\sigmaplot_12.1_downloader_de_133.exe
2013-08-13 00:50 - 2013-08-13 00:50 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Avira
2013-08-13 00:45 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-08-13 00:21 - 2013-08-13 00:18 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 00:18 - 2013-08-13 00:18 - 00000000 ____D C:\Program Files\Avira
2013-08-12 23:58 - 2013-08-12 23:57 - 02092792 _____ C:\Users\XXXX\Downloads\avira_free_antivirus.exe
2013-08-12 23:56 - 2012-12-27 13:34 - 00000000 ____D C:\Users\XXXX\Desktop\Multimedia Kram
2013-08-12 23:54 - 2013-08-12 23:54 - 00392000 _____ (Softonic                                        ) C:\Users\XXXX\Downloads\SoftonicDownloader_for_sigmaplot.exe
2013-08-09 20:00 - 2013-08-13 00:21 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-09 20:00 - 2013-08-13 00:21 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys

Files to move or delete:
====================
C:\Users\XXXX\AppData\Local\Temp\AskSLib.dll
C:\Users\XXXX\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\XXXX\AppData\Local\Temp\Foxit Updater.exe
C:\Users\XXXX\AppData\Local\Temp\htmlayout.dll
C:\Users\XXXX\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\XXXX\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\XXXX\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\XXXX\AppData\Local\Temp\Last.fm-2.1.30.exe
C:\Users\XXXX\AppData\Local\Temp\Last.fm-2.1.33.exe
C:\Users\XXXX\AppData\Local\Temp\PicasaUpdater_20ef.exe
C:\Users\XXXX\AppData\Local\Temp\Quarantine.exe
C:\Users\XXXX\AppData\Local\Temp\SkypeSetup.exe
C:\Users\XXXX\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\XXXX\AppData\Local\Temp\toolbar3258314.exe
C:\Users\XXXX\AppData\Local\Temp\toolbar3259375.exe
C:\Users\XXXX\AppData\Local\Temp\uninst1.exe
C:\Users\XXXX\AppData\Local\Temp\uninstall1752359.exe
C:\Users\XXXX\AppData\Local\Temp\uninstall1752593.exe
C:\Users\XXXX\AppData\Local\Temp\uninstall877708.exe
C:\Users\XXXX\AppData\Local\Temp\vlc-2.0.2-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-06 11:14

==================== End Of Log ============================
         
--- --- ---


Addition.txt
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-09-2013
Ran by XXXX at 2013-09-08 13:55:41
Running from C:\Users\XXXX\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Acrobat  8 Standard - English, Français, Deutsch (Version: 8.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Help Center 2.1 (Version: 2.1)
Adobe Photoshop Elements 5.0 (Version: 5.0)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Alps Pointing-device for VAIO
Anti-Twin (Installation 24.10.2011)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4052)
Battery Care Function (Version: 1.2.00.02130)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.10(SO))
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1)
BVTech Plasmid (Version: 1.0.0)
Canon MP Navigator 3.0
Canon MP Navigator EX 4.1
Cisco AnyConnect Diagnostics and Reporting Tool (Version: 3.1.04066)
Cisco AnyConnect Secure Mobility Client  (Version: 3.1.04066)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04066)
Click to DVD 2.0.05 Menu Data (Version: 2.0.05)
Click to DVD 2.6.00 (Version: 2.6.00)
Clone Manager Basic 9 (Version: 9.1)
DAEMON Tools Lite (Version: 4.46.1.0327)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup (Version: 2.6.0.34)
Dropbox (HKCU Version: 2.0.22)
DSL Connection Manager (Version: 2.1.0.18)
DVR-Studio Pro 2
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Foxit Reader (Version: 6.0.3.524)
Free YouTube to MP3 Converter version 3.10.15.1228
Google Earth (Version: 4.0.2722)
Google Talk (remove only)
Hammer Process (Version: 1.0.0)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
iCloud (Version: 2.1.2.8)
ICQ7.6 (Version: 7.6)
Instant Mode (Version: 1.0.1)
Intel(R) Graphics Media Accelerator Driver
iTunes (Version: 11.0.3.42)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 35 (Version: 6.0.350)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
JDownloader 0.9 (Version: 0.9)
Last.fm Scrobbler 2.1.33
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Melanie Viewer 7 (Version: 7.05)
Mendeley Desktop 1.9.1 (Version: 1.9.1)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Offline Page DE (Version: 1.0.0)
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
PDFCreator (Version: 1.2.3)
Peripheral Device & Storage Media Restriction Setting Utility (Version: 1.2.00.02130)
Picasa 3 (Version: 3.9)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5386)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Roxio Easy Media Creator Home (Version: 9.0.178)
Safari (Version: 5.34.57.2)
Samsung Kies (Version: 2.3.3.12085_7)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
Setting Utility Series (Version: 2.1.02.01180)
SigmaPlot 12.0 (Version: 12.0)
SimVector 4.6 (Version: 4.6)
Skype Click to Call (Version: 6.3.11079)
Skype™ 5.10 (Version: 5.10.116)
SonicStage 4.3 (Version: 4.3)
Sony Utilities DLL (Version: 7.1.00.15150)
Sony Video Shared Library (Version: 3.1.03)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 (Version: v2012.build.52)
System Requirements Lab for Intel (Version: 4.5.3.0)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
VAIO Aqua Breeze Wallpaper (Version: 1.0.11.13240)
VAIO AV Mode Launcher (Version: 1.1.00.04110)
VAIO Camera Capture Utility (Version: 2.3.00.15160)
VAIO Camera Utility (Version: 2.0.01.02070)
VAIO Control Center (Version: 2.0.00.11060)
VAIO Cozy Orange Wallpaper (Version: 1.0.11.13240)
VAIO Data Restore Tool (Version: 1.0.01.02070)
VAIO Database Converter 1.0 (Version: 1.0.00)
VAIO Database Converter Ver 1.0 (Version: 1.0.00.00000)
VAIO Entertainment Platform (Version: 3.4.1.15050)
VAIO Event Service (Version: 3.1.00.16030)
VAIO Hardware Diagnostics
VAIO HDD Protection (Version: 2.1.00.15140)
VAIO Long Battery Life Wallpaper (Version: 1.0.02.13240)
VAIO Media (Version: 6.0.10)
VAIO Media 6.0 (Version: 6.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0 (Version: 6.0.10)
VAIO Media Registration Tool (Version: 6.0.10)
VAIO Media Registration Tool 6.0 (Version: 6.0.10)
VAIO Original Screen Saver
VAIO Photo 2007 (Version: 1.0.01.01250)
VAIO Power Management (Version: 2.3.03.04070)
VAIO Smart Network (Version: 2.0.1.11050)
VAIO Status Monitor (Version: 1.2.00.04020)
VAIO Tender Green Wallpaper (Version: 1.0.11.10180)
VAIO Update (Version: 5.6.1.02150)
VAIO Update Merge Module x86 (Version: 5.6.10270)
VAIO Update Merge Module x86 (Version: 5.7.13130)
VAIO Video & Photo  Suite (Version: 1.1.00.13301)
VAIO Video & Photo Suite (Version: 1.1.00.13301)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
Vodafone Mobile Connect Lite (Version: 9.4.9.22273)
VU5x86 (Version: 1.0.0)
WinDVD for VAIO (Version: 8.0-B6.113)
WinRAR 4.01 (32-Bit) (Version: 4.01.0)
 

==================== Restore Points  =========================

28-08-2013 22:00:04 Geplanter Prüfpunkt
30-08-2013 07:33:33 Geplanter Prüfpunkt
31-08-2013 01:01:19 Windows Update
02-09-2013 00:02:57 Geplanter Prüfpunkt
02-09-2013 01:00:19 Windows Update
04-09-2013 01:01:56 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09D59FB6-C4BB-4C74-9CA7-0A3B46AFA2CD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004Core => C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-03] (Facebook Inc.)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2011-10-18] ()
Task: {2669A294-AFEE-4FB4-A7AD-21C2D3FD6C59} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {292243EB-29A5-4C24-9BC8-7C76B7564276} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation)
Task: {342F4B8E-C740-4A6C-B113-04923BC51F9B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {45A34039-6481-4E98-89A2-B5DC2ABA6E9A} - System32\Tasks\MCVRegistrationReminder2 => C:\Windows\System32\DeleteReminders.vbs
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {5B1A45A3-3C10-40F0-8597-A1FCF55F1FD5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {5F40A31C-8684-40DD-AC0A-0654AB874E86} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {7B4B912F-2B4F-415F-AF1A-B932FF94390D} - System32\Tasks\MCVSurveyReminder2 => C:\Windows\System32\DeleteReminders.vbs
Task: {7BD0A8EC-A0A5-41CE-A8B4-99659F2BC486} - System32\Tasks\MCVSurveyReminder4 => C:\Windows\System32\DeleteReminders.vbs
Task: {88273350-3FEC-4BDA-9CED-5FA0BA677C37} - System32\Tasks\Express FilesUpdate => C:\Program Files\ExpressFiles\EFUpdater.exe
Task: {8AF7F685-D11D-4BE0-8840-DC0F8529F8A9} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {92CA6519-E7B9-47E8-949D-DC9668577E0C} - System32\Tasks\MCVSurveyReminder1 => C:\Windows\System32\DeleteReminders.vbs
Task: {992CC544-3290-4194-A89B-AECA6B076678} - System32\Tasks\MCVRegistrationReminder3 => C:\Windows\System32\DeleteReminders.vbs
Task: {A8719BA3-26CC-440E-A3AC-2FB2E0BE1F50} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {AEE03898-B455-45DC-866A-41FE25BE38E0} - System32\Tasks\MCVRegistrationReminder4 => C:\Windows\System32\DeleteReminders.vbs
Task: {B2840A56-AD4E-4BF5-A01B-60280D7493B5} - System32\Tasks\MCVRegistrationReminder1 => C:\Windows\System32\DeleteReminders.vbs
Task: {C895E234-71E2-4FDB-AB81-EDB01B851A89} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {CD9610DB-2BC0-41C2-913C-909963FAAA4A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2012-01-17] (Sony Corporation)
Task: {D1D2B96E-4F1B-4EB9-AB11-E3F416CF9789} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004UA => C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-03] (Facebook Inc.)
Task: {D3C03540-6FB1-4068-AE0E-9D308D1E6134} - System32\Tasks\LaunchMCV => C:\Windows\System32\DeleteLauncher.vbs
Task: {D71D6714-D8FA-4BD5-8198-C234DA820500} - System32\Tasks\MCVSurveyReminder3 => C:\Windows\System32\DeleteReminders.vbs
Task: {E9C659EB-83EC-4674-8009-6C3963B56831} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1349350522-1392879031-607472974-1004 => C:\Windows\System32\portabledeviceapi.dll [2009-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004Core.job => C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1349350522-1392879031-607472974-1004UA.job => C:\Users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2011-12-26 01:30 - 2007-11-30 14:19 - 00192512 _____ (Intel Corporation) C:\Intel\ExtremeGraphics\CUI\Resource\igfxres.dll
2011-11-21 12:29 - 2011-05-28 23:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-06-06 12:56 - 2013-04-06 13:38 - 00197080 _____ (Foxit Corporation) C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x86.dll
2007-04-26 20:36 - 2006-09-25 14:17 - 00099630 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2007-04-27 09:23 - 2007-02-07 19:43 - 00040960 _____ () C:\Program Files\sony\VAIO Camera Utility\VCULib.dll
2007-04-27 09:24 - 2007-02-07 19:43 - 00303104 _____ (Sony Corporation) C:\Program Files\sony\VAIO Camera Utility\VCULocale.dll
2007-04-19 10:41 - 2007-04-19 10:41 - 00007168 _____ () C:\Program Files\sony\WWAN\Win32Interop.dll
2006-09-15 13:58 - 2006-09-15 13:58 - 00934400 ____R (Macrovision Europe Ltd.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll
2012-08-31 09:45 - 2012-08-31 09:45 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 00053608 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01292136 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 00923496 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 16303976 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2012-03-29 14:16 - 2008-11-03 16:00 - 00409600 _____ (Sony Corporation) C:\Program Files\sony\Network Utility\CommonUI.dll
2012-03-29 14:16 - 2008-11-03 16:03 - 01798144 _____ (Sony Corporation) C:\Program Files\sony\Network Utility\ResDLL_DEU.dll
2012-03-29 14:16 - 2008-11-03 15:58 - 00073728 _____ (Sony Corporation) C:\Program Files\Sony\Network Utility\PluginMgr.dll
2013-08-20 03:25 - 2013-08-20 03:25 - 01674240 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\6733715b4b716c51b75acfc8163738a9\Kies.ni.exe
2013-08-20 03:57 - 2013-08-20 03:57 - 01185280 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\043bc768300ba87bbdca3c1b098ebfd4\Kies.Interface.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 01728512 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\e0ea55ba9dca94811b7550c77649b762\Kies.UI.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00078848 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6222abd000d73a556064306b6e3ed4c7\Kies.MVVM.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00119296 _____ (hxxp://code.google.com/p/gong-wpf-dragdrop) C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\c53add3b694c642897bc85713ee57ec2\GongSolutions.Wpf.DragDrop.ni.dll
2013-07-16 19:29 - 2013-07-16 19:29 - 00052224 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\eea8db63092ff4b46a05dde0562aa7e5\Interop.DeviceSearchLib.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00201728 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\f69a0fd8c98acd0d7c0daed896223c1a\Kies.Common.Util.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00067072 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1e98e1a178984623f3dc6842b7df0f16\Kies.Common.DBManager.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00183296 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\8f3c23224d649605b02f97c4ac374ef1\Kies.Common.MainUI.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 01025536 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9a02e59537e11d521d6f566c37c03383\Kies.Common.DeviceService.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00064000 _____ (Samsung Electronics) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\a98b395bba3483234cf5f3f13e2c26f6\Kies.Common.AllShare.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00507392 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\cde96bc29d0e1108d9c9a3c51b094316\Kies.Common.MediaDB.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00029184 _____ (Samsung Electronics) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\1a3b7f2d750851d9159eb83d6e8e9cad\Kies.Common.StoreManager.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00278016 _____ (mobileleader) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a3d8bee773ca26c9a0a8b1d3643deb1d\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00189952 _____ (mobileleader) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\cb84fc991b94ae87e805c7337f830d21\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 02188800 _____ (Samsung Electronics) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\7c3f1d107e40d4d1acf2a79810a921dd\Kies.Common.Multimedia.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00184320 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7448abb44c5c502633060a6cc639e51e\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00566784 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\00bee429371f9569c1dc5f2b448acdf2\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 01437696 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\98c9133eed4ba2d997a39c56246f9a38\Kies.Locale.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 00031232 _____ (Samsung Electronics) C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\d6381ee39b47d6ea76cb1bffaebcf33d\AllShareController.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 00391168 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\9c06dd9add7d7a382a8920a427410138\BATPlugin.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 00320512 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\c8f91c1f87adb5388e4355ab466b7a4a\EBookManager.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 00964096 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d9d7272dd830d904264fb358556dfdcc\MusicManager.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 01007104 _____ (auney) C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\22ee8caaf8ecd18c26a90fc73320320f\CPKTMusicPlugin.ni.dll
2013-08-20 03:59 - 2013-08-20 03:59 - 01843712 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\4f7fd72525e490c075581e05b4421e7b\Phonebook.ni.dll
2013-08-20 04:00 - 2013-08-20 04:00 - 00607232 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\9a058b7d790c9ab295494c6bcb87a85e\PhotoManager.ni.dll
2013-08-20 04:00 - 2013-08-20 04:00 - 01143296 _____ (Samsung Electronics) C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\386882aa7fffa5b7f48887b4e5e58e66\Podcaster.ni.dll
2013-08-20 04:00 - 2013-08-20 04:00 - 02778112 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\d6ff0d26a5db846d3692364a8cfe6b3e\PodcastService.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 00461824 _____ (samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a55f6fcadd38f63761cbc3343d5bd4f3\VideoManager.ni.dll
2013-08-20 04:00 - 2013-08-20 04:00 - 05678080 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\97f7960284f0fd1b52d5d39054568c4e\DeviceHost.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 00299008 _____ (MSC) C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\71cf8fb0e2375141b7ea52ea91d29c95\DeviceMusic.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 00367104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\faf647240faed549d62042f7401b784b\DevicePhoto.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 00290816 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\6812e556337e8e227341c2773cdcd7e5\DeviceVideo.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 00608256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\c33ebf3f502bf3dea9da6d24342334b1\DevicePodcast.ni.dll
2013-08-20 04:01 - 2013-08-20 04:01 - 15399936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\8ea4590b552b63ce4433042b1bec5bcd\Kies.Theme.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00565760 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\371f07e556fd02c7ebf189013100669c\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00902144 _____ (Samsung) C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\16bccf673ecc1c3af893d975389bb486\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
2013-07-16 19:33 - 2013-07-16 19:33 - 00033792 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\feb091eff0150ebdd8b28ccfc439824b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-08-20 03:57 - 2013-08-20 03:57 - 00530944 _____ (ICSharpCode.net) C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\70c775e13456b1975ac67f549ee29b53\ICSharpCode.SharpZipLib.ni.dll
2013-07-16 19:30 - 2013-07-16 19:30 - 00395776 _____ (ElmueSoft) C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll
2013-07-16 19:31 - 2013-07-16 19:31 - 00174592 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\9f5132483649edef1dd6c849fd240da8\Interop.DevFileServiceLib.ni.dll
2013-08-20 03:58 - 2013-08-20 03:58 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll
2013-07-16 19:30 - 2013-07-16 19:30 - 00171520 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll
2013-07-16 19:30 - 2013-07-16 19:30 - 00030720 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\46e37ca6c73aee2fd773ae739f5324d8\Interop.PRPLAYERCORELib.ni.dll
2013-07-16 19:30 - 2013-07-16 19:30 - 00052224 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll
2013-07-16 19:30 - 2013-07-16 19:30 - 00032256 _____ ( ) C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll
2012-08-28 10:05 - 2012-08-28 10:05 - 00307200 _____ ( MarkAny.) C:\Program Files\Samsung\Kies\External\MACSSDK.dll
2005-07-13 13:38 - 2005-07-13 13:38 - 00057344 _____ (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2006-12-01 21:43 - 2006-12-01 21:43 - 00225280 _____ (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngHelp.dll
2006-08-04 20:33 - 2006-08-04 20:33 - 00053248 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosAvAPI.dll
2007-05-15 14:58 - 2007-05-15 14:58 - 00110592 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtSDDB.dll
2006-09-20 16:22 - 2006-09-20 16:22 - 00024576 _____ (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngLang.dll
2007-04-12 11:52 - 2007-04-12 11:52 - 00102400 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBdAPI.dll
2005-07-22 21:30 - 2005-07-22 21:30 - 00065536 _____ () C:\Windows\system32\TosCommAPI.dll
2001-09-26 15:15 - 2001-09-26 15:15 - 00065536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosLaneAPI.dll
2007-05-22 16:46 - 2007-05-22 16:46 - 00167936 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtAPI.dll
2007-05-15 14:28 - 2007-05-15 14:28 - 00282624 _____ (TOSHIBA CORPORATION) C:\Windows\system32\LCWizard.dll
2001-08-17 16:23 - 2001-08-17 16:23 - 00217088 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtUsrMod.dll
2005-11-08 20:07 - 2005-11-08 20:07 - 00065536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosHidAPI.dll
2006-08-10 13:09 - 2006-08-10 13:09 - 00069632 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosGnsAPI.dll
2003-11-13 14:43 - 2003-11-13 14:43 - 00061440 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosAcpiAPI.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\icudt.dll
2006-05-10 11:05 - 2006-05-10 11:05 - 00077824 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtECCAPI.dll
2007-04-10 10:47 - 2007-04-10 10:47 - 00131072 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosAvdtAPI.dll
2007-01-17 09:53 - 2007-01-17 09:53 - 00061440 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosSndAPI.dll
2007-02-27 18:53 - 2007-02-27 18:53 - 00491520 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosSndPlug.dll
2013-08-19 21:49 - 2013-08-19 21:54 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2011-10-13 18:43 - 2006-09-13 05:10 - 01867264 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMUI87.DLL
2011-10-13 18:43 - 2006-09-13 05:00 - 00540160 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMDR87.DLL
2011-10-13 18:43 - 2006-09-13 05:00 - 00110080 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMCP87.DLL
2013-09-06 12:14 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
2013-09-06 12:14 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
2013-08-31 00:11 - 2013-08-31 00:11 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-06-06 12:56 - 2013-05-21 09:42 - 01155648 _____ (Foxit Corporation) C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\Creator\x86\FPC_WordAddin_x86.dll
2006-11-02 12:25 - 2009-04-11 08:28 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL
2006-11-02 12:25 - 2009-04-11 08:28 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
2011-10-25 00:22 - 2008-01-19 09:34 - 01253888 _____ (Hewlett Packard Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\hpz3rlhn.dll
2011-10-25 06:02 - 2008-01-19 09:35 - 00280064 _____ (Hewlett-Packard Company) C:\Windows\system32\spool\DRIVERS\W32X86\3\HPFIME50.dll
2012-07-04 12:50 - 2012-07-04 12:50 - 09841152 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtGui4.dll
2012-07-04 12:32 - 2012-07-04 12:32 - 02942464 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtCore4.dll
2013-07-09 13:47 - 2013-07-09 13:47 - 13908512 _____ (PDFTron Systems Inc.) C:\Program Files\Mendeley Desktop\PDFNetC.dll
2012-07-04 13:11 - 2012-07-04 13:11 - 00332800 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtSvg4.dll
2012-07-04 15:59 - 2012-07-04 15:59 - 18624512 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtWebKit4.dll
2012-07-04 12:34 - 2012-07-04 12:34 - 02461184 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtNetwork4.dll
2012-07-04 12:33 - 2012-07-04 12:33 - 00411648 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\QtXml4.dll
2013-07-09 13:48 - 2013-09-06 15:44 - 00296960 _____ () C:\Program Files\Mendeley Desktop\Mendeley.dll
2012-07-04 16:25 - 2012-07-04 16:25 - 00211968 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Program Files\Mendeley Desktop\imageformats\qjpeg4.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26193

Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26193

Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25179

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25179

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24165

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24165

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23151


System errors:
=============
Error: (09/08/2013 03:00:19 AM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.36 für die Netzwerkkarte mit der Netzwerkadresse 001CBF5660D0 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (09/07/2013 05:56:22 PM) (Source: Service Control Manager) (User: )
Description: 30000Wlansvc

Error: (09/07/2013 05:55:48 PM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (09/07/2013 06:44:40 AM) (Source: Service Control Manager) (User: )
Description: 30000WPDBusEnum

Error: (09/07/2013 06:44:10 AM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (09/07/2013 06:43:37 AM) (Source: Service Control Manager) (User: )
Description: 30000EMDMgmt

Error: (09/07/2013 06:43:07 AM) (Source: Service Control Manager) (User: )
Description: 30000Wlansvc

Error: (09/07/2013 06:42:37 AM) (Source: Service Control Manager) (User: )
Description: 30000CscService

Error: (09/07/2013 06:42:07 AM) (Source: Service Control Manager) (User: )
Description: 30000AudioEndpointBuilder

Error: (09/07/2013 06:41:37 AM) (Source: Service Control Manager) (User: )
Description: 30000SysMain


Microsoft Office Sessions:
=========================
Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26193

Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26193

Error: (09/08/2013 06:03:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25179

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25179

Error: (09/08/2013 06:03:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24165

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24165

Error: (09/08/2013 06:03:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/08/2013 06:03:34 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23151


CodeIntegrity Errors:
===================================
  Date: 2013-09-07 18:52:04.339
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 18:52:03.855
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 18:52:03.367
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 18:52:02.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 18:52:02.437
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 18:52:01.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-28 12:36:18.102
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-28 12:36:17.881
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-28 12:36:17.640
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-28 12:36:17.270
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 72%
Total physical RAM: 2037.32 MB
Available physical RAM: 555.58 MB
Total Pagefile: 4317.9 MB
Available Pagefile: 1756.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:85.71 GB) (Free:2.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:3.67 GB) (Free:3.46 GB) FAT32
Drive f: (extern_HD) (Fixed) (Total:698.64 GB) (Free:127.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93 GB) (Disk ID: C11FC15C)
Partition 1: (Not Active) - (Size=7 GB) - (Type=27)
Partition 2: (Active) - (Size=86 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 699 GB) (Disk ID: CEEE5933)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Somehow I can't download GMER... I'll keep trying for a bit... I get the following error message:

C:\Users\XXXX\AppData\Local\Temp konnte nicht gespeichert werden, weil Sie die Inhalte dieses Ordners nicht ändern können.

Ändern Sie die Ordnereigenschaften und versuchen Sie es nochmals oder versuchen Sie, an einem anderen Ort zu speichern.

Thanks in advance!


[edit]:
Now something is really wrong here. My citation program for Word no longer works and Dropbox won't start either... what a mess!
__________________


Edited by keepsake (08.09.2013 at 14:06)

10.09.2013, 11:04   #3
schrauber
/// the machine
/// TB-Ausbilder
 




hi,
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________

10.09.2013, 11:36   #4
keepsake
 



Hello Schrauber, thanks for your reply.
Unfortunately I was under time pressure and needed my laptop working again as quickly as possible. My master's thesis has to be written, and for that Mendeley and Dropbox are unfortunately indispensable... So I backed up my data with Parted Magic and performed a system restore. That was quicker for me at that moment. Now everything is fine again.
Thanks anyway. I hope you didn't have too much work finding a solution for me... if you did, a big apology at this point.

You're welcome to mark the thread as solved or remove it. Many thanks!

10.09.2013, 13:50   #5
schrauber
/// the machine
/// TB trainer
 

ok

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
