
Log analysis and evaluation: Google redirect virus cannot be removed from the network, and sudden bluescreen


02.01.2014, 15:05   #1
TheMrDJJ
 

Hi,

For the past few days, my Google searches have been redirecting me to dubious websites (e.g. "URL4Short.info") against my will.
This happens not only on my PC, but also on our family tablet PC.
Both devices are on the same private WiFi network.

I have already taken the following steps:
  1. Scan with Security Essentials. 2 threats were found and removed. Log file below.
  2. Scan with Malwarebytes Anti-Malware. 13 further threats were found and removed. Log file below.
    I suspect that a lot of this was adware that I picked up on one of the redirected pages.
    To protect against this I have already installed Web of Trust in Firefox; the unwanted ad banners have disappeared.
  3. I followed the tips in this video: hxxp://www.youtube.com/watch?v=H-YPtErh1t4.
    So I looked at the "hosts" file under System32/drivers/etc, but I could not find any additional (suspicious) entry there.
    Then I created the "ntbtlog.txt" as described in the instructions, but found no suspicious entry there. "ntbtlog.txt" below.
  4. I created the log files requested here in the forum using the three programs. Log files below.

Strangely, right after the last step I had a sudden bluescreen (I was not doing anything at that moment); afterwards the PC started normally again.
So far this has not happened again.
I also think I may be imagining that the PC is running a bit slower.

Many thanks in advance and happy New Year,
Daniel

--------------End of post, log files follow----------------------------
  • MPDetection-[...].log (Security Essentials)
    Code:
    2013-12-22T20:09:25.369Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-22T20:09:36.933Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.416.0 AV 1.165.416.0
    2013-12-23T10:53:08.623Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-23T10:53:16.184Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.416.0 AV 1.165.416.0
    2013-12-24T10:28:57.876Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-24T10:29:02.803Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.470.0 AV 1.165.470.0
    2013-12-25T08:59:14.556Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-25T08:59:23.405Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.566.0 AV 1.165.566.0
    2013-12-26T15:56:20.667Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-26T15:56:28.486Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.566.0 AV 1.165.566.0
    2013-12-27T10:07:20.744Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-27T10:07:31.503Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
    2013-12-27T17:08:51.764Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-27T17:08:56.522Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
    2013-12-28T08:35:01.892Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-28T08:35:14.047Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
    2013-12-28T11:38:48.934Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-28T11:38:59.632Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
    2013-12-28T17:12:12.009Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-28T17:12:18.594Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
    2013-12-29T09:18:03.979Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-29T09:18:09.178Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
    2013-12-29T10:06:45.931Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-29T10:06:54.098Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
    2013-12-29T15:30:15.293Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-29T15:30:22.380Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
    2013-12-30T09:46:37.759Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-30T09:46:43.669Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
    2013-12-30T12:54:29.945Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-30T12:54:37.517Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
    2013-12-30T17:17:07.478Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-30T17:17:30.530Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
    2013-12-31T10:47:53.648Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-31T10:48:02.790Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
    2013-12-31T20:58:22.483Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2013-12-31T20:58:27.070Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.887.0 AV 1.165.887.0
    2014-01-01T10:54:58.152Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2014-01-01T10:55:07.653Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.887.0 AV 1.165.887.0
    2014-01-01T17:45:47.160Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2014-01-01T17:45:51.819Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
    2014-01-01T19:26:58.904Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2014-01-01T19:27:10.819Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
    2014-01-01T19:49:06.147Z DETECTION Adware:Win32/FastSaveApp file:C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\ikpkdkdpjekaglclmjjgaghjfnmbjegm.crx->manifest.json
    2014-01-01T19:49:06.159Z DETECTION Adware:Win32/FastSaveApp file:C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\settings.ini
    2014-01-01T20:00:33.809Z DETECTION Exploit:Java/CVE-2012-1723 file:C:\Users\Magda\AppData\Local\Temp\jar_cache9051801770020012867.tmp->Cfsdfs77.class
    2014-01-01T20:00:38.149Z DETECTION Exploit:Java/CVE-2012-1723 file:C:\Users\Magda\AppData\Local\Temp\jar_cache9051801770020012867.tmp->XTTP.class
    2014-01-01T20:37:46.367Z Service stopped with exit code 0x0
    2014-01-01T20:38:38.449Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2014-01-01T20:38:43.690Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
    2014-01-02T08:19:17.759Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
    2014-01-02T08:19:25.631Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
             
  • mbam-log-[...].txt (MBAM)
    Code:
     Malwarebytes Anti-Malware  (Trial) 1.75.0.1300
    www.malwarebytes.org
    
    Database version: v2014.01.01.05
    
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16750
    Juschus :: JUSCHUS-VAIO [administrator]
    
    Protection: Enabled
    
    01/01/2014 20:46:47
    mbam-log-2014-01-01 (20-46-47).txt
    
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 418631
    Time elapsed: 50 minute(s), 2 second(s)
    
    Memory Processes Detected: 0
    (No malicious items detected)
    
    Memory Modules Detected: 0
    (No malicious items detected)
    
    Registry Keys Detected: 0
    (No malicious items detected)
    
    Registry Values Detected: 0
    (No malicious items detected)
    
    Registry Data Items Detected: 0
    (No malicious items detected)
    
    Folders Detected: 2
    C:\Users\Juschus\AppData\Local\Temp\CT3203625 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Juschus\AppData\Local\Temp\CT3297931 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    
    Files Detected: 9
    C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\uninstall.exe (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
    C:\Users\Daniel\AppData\Local\Temp\JKfR6oor.exe.part (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
    C:\Users\Juschus\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.
    C:\Users\Juschus\AppData\Local\Temp\CT3203625\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Juschus\Local Settings\Temporary Internet Files\Content.IE5\OSO3323Z\tonebytes_4929[1].exe (PUP.Optional.InstallMonetizer.A) -> Quarantined and deleted successfully.
    C:\Users\Juschus\Local Settings\Temporary Internet Files\Content.IE5\XINL9W75\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Magda\AppData\Local\Temp\1SKKKKKKK.exe (Exploit.Drop.GS) -> Quarantined and deleted successfully.
    C:\Users\Juschus\AppData\Local\Temp\CT3203625\parameters.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Juschus\AppData\Local\Temp\CT3297931\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    
    (end)
             
  • defogger_disable.log (Defogger) (there was no error message)
    Code:
    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 13:44 on 02/01/2014 (Juschus)
    
    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.
    
    Checking for services/drivers...
    
    
    -=E.O.F=-
             
  • FRST.txt (FRST64)
    Code:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
    Ran by Daniel (ATTENTION: The logged in user is not administrator) on JUSCHUS-VAIO on 02-01-2014 13:45:27
    Running from C:\Users\Daniel\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal
    
    ==================== Processes (Whitelisted) =================
    
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    
    ==================== Registry (Whitelisted) ==================
    
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)
    HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394248 2013-01-08] (KORG Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
    HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
    HKCU\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    MountPoints2: {c689b126-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    MountPoints2: {c689b163-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    MountPoints2: {c689b1ce-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    
    ==================== Internet (Whitelisted) ====================
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
    URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKCU - {E7914903-6BD3-46C4-9170-66424A6A5837} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
    SearchScopes: HKCU - {F2183BDB-43CB-43F5-923E-65950E296EC5} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: SaveByclick - {F263F5E4-C485-C3E7-0A30-6E0664620DAF} - C:\ProgramData\SaveByclick\50dc5ae069268.dll No File
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    
    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default
    FF Homepage: hxxp://de.msn.com/
    FF NetworkProxy: "backup.ftp", "188.138.104.221 "
    FF NetworkProxy: "backup.ftp_port", 3128
    FF NetworkProxy: "backup.socks", "188.138.104.221 "
    FF NetworkProxy: "backup.socks_port", 3128
    FF NetworkProxy: "backup.ssl", "188.138.104.221 "
    FF NetworkProxy: "backup.ssl_port", 3128
    FF NetworkProxy: "ftp", "188.138.104.221"
    FF NetworkProxy: "ftp_port", 3128
    FF NetworkProxy: "http", "188.138.104.221"
    FF NetworkProxy: "http_port", 3128
    FF NetworkProxy: "share_proxy_settings", true
    FF NetworkProxy: "socks", "188.138.104.221"
    FF NetworkProxy: "socks_port", 3128
    FF NetworkProxy: "ssl", "188.138.104.221"
    FF NetworkProxy: "ssl_port", 3128
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
    FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF Extension: Ghostery - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\firefox@ghostery.com.xpi
    FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
    FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
    
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR RestoreOnStartup: "hxxp://www.google.com/"
    CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
    CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
    CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
    CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
    CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
    CHR HKLM-x32\...\Chrome\Extension: [ikpkdkdpjekaglclmjjgaghjfnmbjegm] - C:\ProgramData\SaveByclick\ikpkdkdpjekaglclmjjgaghjfnmbjegm.crx
    
    ==================== Services (Whitelisted) =================
    
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros)
    R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
    S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd)
    S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
    R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
    S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
    R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 MOBK649backup; C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [223544 2011-04-18] (McAfee, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
    S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
    R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
    S2 pr2ah4nb; C:\Windows\system32\pr2ah4nb.exe [777576 2007-07-19] (CODEMASTERS)
    S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
    R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259512 2011-07-22] (Sony Corporation)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
    R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
    S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
    R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
    
    ==================== Drivers (Whitelisted) ====================
    
    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-01-03] ()
    R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [34376 2010-10-12] (Bome Software)
    S3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [30792 2010-10-12] (Bome Software)
    S2 CdaC15BA; C:\Windows\SysWow64\drivers\CdaC15BA.SYS [12464 2013-06-08] (Macrovision Europe Ltd)
    S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.)
    S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34288 2013-01-08] (KORG INC.)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-01-03] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R1 MOBK649Filter; C:\Windows\System32\DRIVERS\MOBK649.sys [66040 2011-04-18] (Mozy, Inc.)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
    R0 pe3ah4nb; C:\Windows\System32\drivers\pe3ah4nb.sys [72296 2007-07-19] (CODEMASTERS)
    R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
    R0 ps6ah4nb; C:\Windows\System32\drivers\ps6ah4nb.sys [102000 2007-07-19] (CODEMASTERS)
    R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
    R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
    S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2012-03-06] (Texas Instruments)
    S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
    S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]
    
    ==================== NetSvcs (Whitelisted) ===================
    
    
    ==================== One Month Created Files and Folders ========
    
    2014-01-02 13:45 - 2014-01-02 13:45 - 00022783 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-02 13:45 - 2014-01-02 13:45 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
    2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
    2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-01 22:33 - 2014-01-01 22:33 - 00915368 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\jxpiinstall.exe
    2014-01-01 22:16 - 2014-01-02 13:45 - 00000000 ____D C:\FRST
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:11 - 2014-01-02 13:45 - 01931426 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 21:54 - 2014-01-01 21:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Daniel\Downloads\HiJackThis204.exe
    2014-01-01 21:54 - 2014-01-01 21:54 - 00019333 _____ C:\Users\Daniel\Downloads\hijackthis.log
    2014-01-01 20:48 - 2014-01-01 20:48 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2014-01-01 20:48 - 2014-01-01 20:48 - 00000000 ____D C:\Program Files\CCleaner
    2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:45 - 2014-01-01 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 14:47 - 2014-01-01 14:47 - 00000000 ____D C:\Users\Daniel\Downloads\AS_Airport-Enhancement-Services_V234
    2014-01-01 13:51 - 2014-01-01 13:53 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:49 - 2014-01-01 13:51 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:48 - 2014-01-01 13:49 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:47 - 2014-01-01 13:48 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:41 - 2014-01-01 13:42 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2014-01-01 13:00 - 2014-01-01 13:00 - 00000000 ____D C:\Users\Daniel\Downloads\krazLog
    2014-01-01 12:25 - 2014-01-01 14:43 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:25 - 2013-12-30 16:26 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 13:52 - 2013-12-27 13:54 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-21 11:39 - 2011-12-19 13:08 - 02239702 _____ C:\Users\Daniel\Desktop\Demolition Man - erb N dub Drop 2.wav
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-20 12:08 - 2013-12-20 12:08 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin
    2013-12-19 20:29 - 2013-12-19 20:29 - 00000000 ____D C:\Users\Daniel\Downloads\BVG324
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-19 13:02 - 2013-12-19 13:02 - 00000000 ____D C:\Users\Daniel\Downloads\OMSI_AM_1.2.4_Setup
    2013-12-19 12:54 - 2013-12-19 12:54 - 00000000 ____D C:\Users\Daniel\Downloads\MAN_NL202-Projekt_Szczecin
    2013-12-19 12:52 - 2013-12-19 12:52 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin_3.10_20130110
    2013-12-18 14:40 - 2013-12-18 14:40 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-18 09:42 - 2013-12-18 09:42 - 00000000 ____D C:\Users\Daniel\Downloads\Supercharger_110_PC
    2013-12-14 13:13 - 2013-12-14 13:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-11 20:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2013-12-11 20:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-12-11 20:12 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-12-11 20:12 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-12-11 14:58 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2013-12-11 14:58 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2013-12-11 14:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-12-11 14:58 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2013-12-11 14:58 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2013-12-11 14:57 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2013-12-11 14:57 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2013-12-11 14:57 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2013-12-07 12:04 - 2013-12-07 12:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMB111.dll
    2013-12-07 11:59 - 2013-12-07 12:01 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
    2013-12-03 08:26 - 2013-12-03 08:26 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
    
    ==================== One Month Modified Files and Folders =======
    
    2014-01-02 13:45 - 2014-01-02 13:45 - 00022783 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-02 13:45 - 2014-01-02 13:45 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
    2014-01-02 13:45 - 2014-01-01 22:16 - 00000000 ____D C:\FRST
    2014-01-02 13:45 - 2014-01-01 22:11 - 01931426 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
    2014-01-02 13:41 - 2011-12-24 13:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
    2014-01-02 13:32 - 2013-10-28 18:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-01-02 13:25 - 2012-03-21 17:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
    2014-01-02 13:21 - 2011-12-23 15:42 - 01472247 _____ C:\Windows\WindowsUpdate.log
    2014-01-02 13:20 - 2012-08-23 13:13 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-01-02 12:27 - 2009-07-14 05:51 - 00287406 _____ C:\Windows\setupact.log
    2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-02 11:22 - 2013-07-30 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
    2014-01-02 11:22 - 2012-08-23 13:13 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-01-02 09:27 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-01-02 09:27 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-01-02 09:19 - 2011-08-25 04:52 - 00000000 ____D C:\ProgramData\NVIDIA
    2014-01-02 09:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2014-01-01 22:33 - 2014-01-01 22:33 - 00915368 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\jxpiinstall.exe
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:15 - 2011-12-23 15:42 - 00000000 ____D C:\Users\Juschus
    2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 21:54 - 2014-01-01 21:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Daniel\Downloads\HiJackThis204.exe
    2014-01-01 21:54 - 2014-01-01 21:54 - 00019333 _____ C:\Users\Daniel\Downloads\hijackthis.log
    2014-01-01 21:44 - 2009-07-14 06:13 - 00876932 _____ C:\Windows\system32\PerfStringBackup.INI
    2014-01-01 21:38 - 2010-11-21 04:47 - 00325236 _____ C:\Windows\PFRO.log
    2014-01-01 20:48 - 2014-01-01 20:48 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2014-01-01 20:48 - 2014-01-01 20:48 - 00000000 ____D C:\Program Files\CCleaner
    2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:46 - 2014-01-01 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:25 - 2011-12-23 15:43 - 00000000 ____D C:\Windows\pss
    2014-01-01 20:14 - 2011-12-23 15:45 - 00000000 ____D C:\Users\Juschus\Documents\Bluetooth Folder
    2014-01-01 20:13 - 2013-11-11 19:28 - 00000000 ____D C:\Users\Daniel\Documents\Bluetooth Folder
    2014-01-01 18:46 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 14:47 - 2014-01-01 14:47 - 00000000 ____D C:\Users\Daniel\Downloads\AS_Airport-Enhancement-Services_V234
    2014-01-01 14:43 - 2014-01-01 12:25 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2014-01-01 14:43 - 2012-01-14 13:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SpinTires
    2014-01-01 13:53 - 2014-01-01 13:51 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:51 - 2014-01-01 13:49 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:49 - 2014-01-01 13:48 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:48 - 2014-01-01 13:47 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:42 - 2014-01-01 13:41 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2014-01-01 13:00 - 2014-01-01 13:00 - 00000000 ____D C:\Users\Daniel\Downloads\krazLog
    2013-12-31 17:12 - 2013-09-29 18:55 - 00000000 ____D C:\Users\Juschus\Documents\Flight Simulator X-Dateien
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 18:20 - 2011-12-23 15:52 - 00151152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-12-30 18:17 - 2009-07-14 05:45 - 00638504 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:26 - 2013-12-30 16:25 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:17 - 2011-08-25 05:48 - 00325427 _____ C:\Windows\DirectX.log
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-30 15:21 - 2011-12-23 15:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Atheros
    2013-12-29 10:37 - 2012-04-18 14:14 - 00000000 ____D C:\Users\Daniel\Documents\FFOutput
    2013-12-28 12:38 - 2012-09-12 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 13:54 - 2013-12-27 13:52 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-23 18:34 - 2013-03-25 13:39 - 00000000 ____D C:\ProgramData\WarThunder
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 18:07 - 2013-03-25 11:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\War Thunder
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-21 17:43 - 2013-06-19 13:21 - 00000000 ____D C:\Users\Daniel\Documents\Fl Studio Collection
    2013-12-21 16:07 - 2013-06-24 16:44 - 00000000 ____D C:\Program Files (x86)\VstPlugins
    2013-12-21 12:34 - 2011-12-23 15:51 - 00000000 ____D C:\Users\Daniel
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-20 12:08 - 2013-12-20 12:08 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin
    2013-12-19 20:29 - 2013-12-19 20:29 - 00000000 ____D C:\Users\Daniel\Downloads\BVG324
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-19 13:02 - 2013-12-19 13:02 - 00000000 ____D C:\Users\Daniel\Downloads\OMSI_AM_1.2.4_Setup
    2013-12-19 12:54 - 2013-12-19 12:54 - 00000000 ____D C:\Users\Daniel\Downloads\MAN_NL202-Projekt_Szczecin
    2013-12-19 12:52 - 2013-12-19 12:52 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin_3.10_20130110
    2013-12-18 14:40 - 2013-12-18 14:40 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2013-12-18 10:34 - 2012-01-25 15:47 - 00224335 _____ C:\test.xml
    2013-12-18 09:50 - 2013-11-09 12:03 - 00000000 ____D C:\Users\Daniel\Documents\Native Instruments
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-18 09:45 - 2013-06-25 15:26 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
    2013-12-18 09:45 - 2013-06-25 15:21 - 00000000 ____D C:\Program Files\Native Instruments
    2013-12-18 09:42 - 2013-12-18 09:42 - 00000000 ____D C:\Users\Daniel\Downloads\Supercharger_110_PC
    2013-12-16 15:37 - 2012-11-11 15:36 - 00000000 ____D C:\Users\Daniel\Documents\Kindergarten
    2013-12-15 19:02 - 2012-04-18 14:04 - 00000000 ____D C:\Program Files (x86)\Google
    2013-12-15 14:03 - 2013-07-29 19:19 - 00000000 ____D C:\Windows\system32\MRT
    2013-12-15 14:00 - 2012-05-31 17:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-12-14 13:14 - 2013-12-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-12 16:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
    2013-12-11 17:32 - 2012-03-30 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-12-11 17:32 - 2011-08-25 05:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-12-11 15:08 - 2013-04-29 20:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2013-12-07 15:14 - 2013-10-03 18:32 - 00052736 ___SH C:\Users\Daniel\Documents\Thumbs.db
    2013-12-07 12:08 - 2013-12-07 12:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2013-12-07 11:59 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-05 19:33 - 2011-08-25 04:50 - 00037132 _____ C:\Windows\DPINST.LOG
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
    2013-12-03 08:27 - 2011-08-25 04:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-12-03 08:26 - 2013-12-03 08:26 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
    2013-12-03 08:26 - 2011-12-23 15:46 - 00000000 ____D C:\Update
    
    Some content of TEMP:
    ====================
    C:\Users\Daniel\AppData\Local\Temp\CmdLineExt02.dll
    C:\Users\Daniel\AppData\Local\Temp\HOST10852.exe
    C:\Users\Daniel\AppData\Local\Temp\HOST5228.exe
    C:\Users\Daniel\AppData\Local\Temp\LauncherYRFreeskiIISetup.exe
    C:\Users\Daniel\AppData\Local\Temp\nokiabahn1.exe
    C:\Users\Daniel\AppData\Local\Temp\SIntf16.dll
    C:\Users\Daniel\AppData\Local\Temp\SIntf32.dll
    C:\Users\Daniel\AppData\Local\Temp\SIntfNT.dll
    C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Daniel\AppData\Local\Temp\TINspireStudent-3.1.0.392.exe
    C:\Users\Daniel\AppData\Local\Temp\ubi276F.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubi3322.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubi785B.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubi91FB.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubi9EF1.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubiB9DE.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubiD78.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubiEC05.tmp.exe
    C:\Users\Daniel\AppData\Local\Temp\ubiFB02.tmp.exe
    
    
    ==================== Bamital & volsnap Check =================
    
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    
    ==================== End Of Log ============================
             

-------------------------The maximum post length was exceeded, so I am attaching the remaining log files (Addition.txt and gmer.txt) to this post as an "attachment", as per the instructions.---------------

02.01.2014, 15:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Then please run Combofix now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde." (in English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.


02.01.2014, 16:47   #3
TheMrDJJ

[EDIT]: Something is happening after all now, let's see if it works!

Thanks for the welcome and the quick reply!

I just tried to run Combofix.
The installation process and the registry backup run through without problems, but then Combofix closes and nothing further happens.
I watched it with Task Manager: the combofix.exe process closes immediately as soon as the green bar reaches the end.

I have turned off real-time protection in Security Essentials, and the trial version of MBAM doesn't include it anyway.
Do I need to turn off any other program?

Combofix did work after all.
There was no error message on restart.

However, Combofix deleted 36 GB of data; I hope there was nothing important in it...

Here is the combofix.txt:
Code:
ATTFilter
ComboFix 14-01-01.01 - Juschus 02/01/2014  16:05:29.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.6125.3769 [GMT 1:00]
Running from: c:\users\Daniel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Daniel\AppData\Roaming\0ad
c:\users\Daniel\AppData\Roaming\0ad\config\user.cfg
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\bootstrap.js
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\chrome.manifest
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\content\bg.js
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\content\zy.xul
c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\install.rdf
c:\users\Magda\AppData\Roaming\system32
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-02 to 2014-01-02  )))))))))))))))))))))))))))))))
.
.
2014-01-02 15:20 . 2014-01-02 15:20	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-01-02 15:20 . 2014-01-02 15:20	--------	d-----w-	c:\users\Magda\AppData\Local\temp
2014-01-02 15:20 . 2014-01-02 15:20	--------	d-----w-	c:\users\Frank\AppData\Local\temp
2014-01-02 15:20 . 2014-01-02 15:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-02 15:20 . 2014-01-02 15:20	--------	d-----w-	c:\users\Juschus\AppData\Local\temp
2014-01-02 14:46 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890F3200-68E3-41EF-9061-7ACBAF1D63C6}\mpengine.dll
2014-01-02 14:02 . 2014-01-02 14:02	--------	d-----w-	c:\users\Daniel\Logfiles
2014-01-02 13:51 . 2014-01-02 13:51	--------	d-----w-	c:\program files (x86)\7-Zip
2014-01-02 13:06 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-01 21:16 . 2014-01-02 12:45	--------	d-----w-	C:\FRST
2014-01-01 21:08 . 2014-01-01 21:08	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Malwarebytes
2014-01-01 19:48 . 2014-01-01 19:48	--------	d-----w-	c:\program files\CCleaner
2014-01-01 19:46 . 2014-01-01 19:46	--------	d-----w-	c:\users\Juschus\AppData\Roaming\Malwarebytes
2014-01-01 19:45 . 2014-01-01 19:45	--------	d-----w-	c:\programdata\Malwarebytes
2014-01-01 19:45 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-01 19:45 . 2014-01-01 19:46	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:50 . 2013-12-23 01:34	13824	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\hkeys.dll
2014-01-01 13:50 . 2013-12-23 01:34	60400	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_SP2.dll
2014-01-01 13:50 . 2013-12-23 01:34	60400	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_AP.dll
2014-01-01 13:50 . 2013-12-23 01:34	56304	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX_AP.dll
2014-01-01 13:50 . 2013-12-23 01:34	56304	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX.dll
2014-01-01 13:50 . 2013-12-23 01:34	19952	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET_AP.dll
2014-01-01 13:50 . 2013-12-23 01:34	19440	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET.dll
2014-01-01 13:50 . 2013-12-23 01:34	16368	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\ViMaCoreX.dll
2013-12-30 15:25 . 2013-12-30 15:26	--------	d-----w-	c:\program files (x86)\Multi Crew Experience Aerosoft AXA
2013-12-30 15:21 . 2013-10-28 09:00	305752	----a-r-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\FsInsider.dll
2013-12-30 15:15 . 2013-12-30 15:15	93153	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unRAASProfessional_Locked_FSX.exe
2013-12-30 15:15 . 2013-12-30 15:15	--------	d-----w-	c:\users\Juschus\AppData\Roaming\RAASPRO
2013-12-30 15:14 . 2013-10-24 07:25	1064960	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\DLLs\fmgs.dll
2013-12-30 15:14 . 2013-10-08 07:56	440320	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\ND\AB_ND_GDI.dll
2013-12-30 15:14 . 2013-09-16 12:27	69632	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\DLLs\FBW.dll
2013-12-30 15:14 . 2013-09-16 12:27	25600	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\DLLs\AsInput.dll
2013-12-30 15:13 . 2013-10-22 06:51	37376	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\AirbusXE.dll
2013-12-30 15:13 . 2013-09-16 12:27	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X Extended Base\Panel_Fallback\ASC.DLL
2013-12-30 15:12 . 2013-09-16 12:25	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A321 Extended IAE\panel\ASC.DLL
2013-12-30 15:12 . 2013-09-16 12:23	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A321 Extended CFM NEO\Panel\ASC.DLL
2013-12-30 15:12 . 2013-09-16 12:29	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A321 Extended CFM\Panel\ASC.DLL
2013-12-30 15:12 . 2013-09-16 12:25	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A320 Extended IAE NEO\Panel\ASC.DLL
2013-12-30 15:11 . 2013-09-16 12:24	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A320 Extended IAE\Panel\ASC.DLL
2013-12-30 15:11 . 2013-09-16 12:23	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A320 Extended CFM NEO\Panel\ASC.DLL
2013-12-30 15:11 . 2013-09-16 12:29	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A320 Extended CFM\Panel\ASC.DLL
2013-12-30 15:11 . 2013-09-16 12:25	109056	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Aerosoft Airbus X A321 Extended IAE NEO\panel\ASC.DLL
2013-12-30 15:08 . 2013-09-16 11:47	122768860	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\SupportFile_FS2Crew RAAS Pro AirbusX\FS2Crew RAAS Pro AirbusX.exe
2013-12-30 15:08 . 2013-09-16 12:21	10240	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\CoRteSplitter\CoRteSplitter.exe
2013-12-30 15:08 . 2013-09-16 12:21	167936	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\AXE Livery Manager\unzip.exe
2013-12-30 15:08 . 2013-09-16 12:21	135168	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\AXE Livery Manager\zip.exe
2013-12-30 15:08 . 2013-09-16 12:08	93184	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\CompanyRouteEditor\AXE CoRte Editor.exe
2013-12-30 15:08 . 2013-10-07 06:53	549000	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Flight Recorder\AS-FlightRecorderManager.exe
2013-12-30 15:08 . 2013-10-07 06:53	240776	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Flight Recorder\AS-FlightRecorder.dll
2013-12-30 15:08 . 2013-09-16 12:21	2514944	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\AXE Livery Manager\Airbus X Extended Livery Manager.exe
2013-12-30 15:08 . 2013-09-16 12:08	921600	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\AirbusXConnectExtended.exe
2013-12-30 15:08 . 2013-09-16 12:08	683520	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\Aerosoft.AirbusX.FuelPlanner.exe
2013-12-30 15:08 . 2013-09-16 12:08	290816	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Airbus X Extended\Aerosoft.AirbusX.Configurator.exe
2013-12-30 15:08 . 2012-12-13 09:26	877896	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Uninstall_Airbus-X-Extended.exe
2013-12-23 17:22 . 2013-12-23 17:22	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-12-23 17:22 . 2013-12-23 17:22	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-12-23 17:22 . 2013-12-23 17:22	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-12-23 17:22 . 2013-12-23 17:22	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-12-23 17:22 . 2013-12-23 17:22	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-12-23 17:22 . 2013-12-23 17:22	--------	d-----w-	c:\program files (x86)\QuickTime
2013-12-22 14:22 . 2013-12-22 14:21	725002	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins003.exe
2013-12-22 14:21 . 2013-12-22 14:21	725514	----a-w-	c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins002.exe
2013-12-21 11:33 . 2013-12-21 11:33	--------	d-----w-	c:\users\Daniel\ItchySynths_Overdose_Suite
2013-12-19 12:03 . 2013-12-19 12:03	--------	d-----w-	c:\users\Juschus\AppData\Local\OMSI AM
2013-12-19 12:03 . 2013-12-19 12:03	--------	d-----w-	c:\program files (x86)\OMSI Addon Manager
2013-12-18 08:45 . 2013-12-18 08:45	--------	dc-h--w-	c:\programdata\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
2013-12-18 08:45 . 2013-12-18 08:45	--------	dc-h--w-	c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2013-12-14 12:13 . 2013-12-14 12:14	--------	d-----w-	c:\users\Daniel\AppData\Roaming\HpUpdate
2013-12-11 19:13 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 19:13 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 19:13 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2013-12-11 19:13 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2013-12-11 19:13 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2013-12-11 13:58 . 2013-10-30 02:32	335360	----a-w-	c:\windows\system32\msieftp.dll
2013-12-11 13:58 . 2013-10-30 02:19	301568	----a-w-	c:\windows\SysWow64\msieftp.dll
2013-12-11 13:58 . 2013-11-23 18:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-12-11 13:58 . 2013-11-23 17:47	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-12-11 13:58 . 2013-10-30 01:24	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-12-11 13:58 . 2013-10-19 02:18	81408	----a-w-	c:\windows\system32\imagehlp.dll
2013-12-11 13:58 . 2013-10-19 01:36	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-12-11 13:58 . 2013-11-12 02:23	2048	----a-w-	c:\windows\system32\tzres.dll
2013-12-11 13:58 . 2013-11-12 02:07	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-12-11 13:57 . 2013-10-12 02:32	150016	----a-w-	c:\windows\system32\wshom.ocx
2013-12-11 13:57 . 2013-10-12 02:04	121856	----a-w-	c:\windows\SysWow64\wshom.ocx
2013-12-11 13:57 . 2013-10-12 01:33	156160	----a-w-	c:\windows\system32\cscript.exe
2013-12-11 13:57 . 2013-10-04 02:16	116736	----a-w-	c:\windows\system32\drivers\drmk.sys
2013-12-11 13:57 . 2013-10-04 01:36	230400	----a-w-	c:\windows\system32\drivers\portcls.sys
2013-12-11 13:57 . 2013-10-12 02:31	202752	----a-w-	c:\windows\system32\scrrun.dll
2013-12-11 13:57 . 2013-10-12 02:03	163840	----a-w-	c:\windows\SysWow64\scrrun.dll
2013-12-11 13:57 . 2013-10-12 01:33	168960	----a-w-	c:\windows\system32\wscript.exe
2013-12-11 13:57 . 2013-10-12 01:15	141824	----a-w-	c:\windows\SysWow64\wscript.exe
2013-12-11 13:57 . 2013-10-12 01:15	126976	----a-w-	c:\windows\SysWow64\cscript.exe
2013-12-07 11:04 . 2013-12-07 11:08	--------	d-----w-	c:\users\Daniel\AppData\Local\HP
2013-12-07 11:03 . 2013-12-07 11:03	--------	d-----w-	c:\program files (x86)\Hewlett-Packard
2013-12-07 11:02 . 2013-12-07 11:02	--------	d-----w-	c:\program files (x86)\HP Photo Creations
2013-12-07 11:02 . 2013-12-07 11:02	--------	d-----w-	c:\programdata\Visan
2013-12-07 11:02 . 2013-12-07 11:02	--------	d-----w-	c:\programdata\HP Photo Creations
2013-12-07 11:01 . 2013-12-07 11:01	--------	d-----w-	c:\users\Juschus\AppData\Roaming\HpUpdate
2013-12-07 11:01 . 2012-10-17 03:31	741480	------w-	c:\windows\system32\HPDiscoPMB111.dll
2013-12-07 10:59 . 2013-12-07 10:59	--------	d-----w-	c:\programdata\HP
2013-12-07 10:59 . 2013-12-07 11:01	--------	d-----w-	c:\program files (x86)\HP
2013-12-07 10:57 . 2013-12-07 10:57	--------	d-----w-	c:\program files\HP
2013-12-07 10:52 . 2013-12-07 10:52	--------	d-----w-	c:\users\Juschus\AppData\Local\HP
2013-12-06 16:49 . 2013-10-18 18:01	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{95F3D8EE-871F-4499-AA66-ABC861A56C48}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-15 13:00 . 2012-05-31 16:35	90708896	----a-w-	c:\windows\system32\MRT.exe
2013-12-11 16:32 . 2012-03-30 18:12	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 16:32 . 2011-08-25 04:05	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 14:06 . 2013-04-29 19:06	566480	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-11-19 10:21 . 2010-11-21 03:27	267936	------w-	c:\windows\system32\MpSigStub.exe
2013-10-20 09:43 . 2013-10-20 09:43	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-20 09:43 . 2013-10-20 09:43	312744	----a-w-	c:\windows\system32\javaws.exe
2013-10-20 09:43 . 2013-10-20 09:43	189352	----a-w-	c:\windows\system32\javaw.exe
2013-10-20 09:43 . 2013-10-20 09:43	189352	----a-w-	c:\windows\system32\java.exe
2013-10-20 09:33 . 2013-10-20 09:33	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-18 18:01 . 2012-02-10 18:28	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-12 02:30 . 2013-11-13 17:34	830464	----a-w-	c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 17:34	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 17:34	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 17:34	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 17:34	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 17:34	1474048	----a-w-	c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 17:34	1168384	----a-w-	c:\windows\SysWow64\crypt32.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-12-11 14:07	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-12-11 14:07	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-12-11 14:07	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2013-01-16 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-05-31 2801288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Reader Library Launcher"="c:\program files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-07-13 906648]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2013-03-18 899400]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
"KORG USB-MIDI Driver"="c:\program files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe" [2013-01-07 394248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OMSI Addon Manager.lnk - c:\program files (x86)\OMSI Addon Manager\OMSI Addon Manager.exe -silent [2013-12-19 737280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi8"=KORGUM64.DRV
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Internet Manager. RunOuc;Internet Manager. OUC;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [x]
R2 pr2ah4nb;DiRT Drivers Auto Removal (pr2ah4nb);c:\windows\system32\pr2ah4nb.exe svc;c:\windows\SYSNATIVE\pr2ah4nb.exe svc [x]
R2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc;c:\windows\SYSNATIVE\pr2ah4nc.exe svc [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 bomemidi;Bome's Virtual MIDI Port;c:\windows\system32\drivers\bomemidi.sys;c:\windows\SYSNATIVE\drivers\bomemidi.sys [x]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUM64.SYS;c:\windows\SYSNATIVE\Drivers\KORGUM64.SYS [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBTINSP;TI-Nspire(TM) Handheld or TI Network Bridge Device Driver;c:\windows\system32\DRIVERS\tinspusb.sys;c:\windows\SYSNATIVE\DRIVERS\tinspusb.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 pe3ah4nb;DiRT Environment Driver (pe3ah4nb);c:\windows\system32\drivers\pe3ah4nb.sys;c:\windows\SYSNATIVE\drivers\pe3ah4nb.sys [x]
S0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys;c:\windows\SYSNATIVE\drivers\pe3ah4nc.sys [x]
S0 ps6ah4nb;DiRT Synchronization Driver (ps6ah4nb);c:\windows\system32\drivers\ps6ah4nb.sys;c:\windows\SYSNATIVE\drivers\ps6ah4nb.sys [x]
S0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys;c:\windows\SYSNATIVE\drivers\ps6ah4nc.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 MOBK649Filter;MOBK649Filter;c:\windows\system32\DRIVERS\MOBK649.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK649.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MOBK649backup;McAfee Online Backup Service;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys;c:\windows\SYSNATIVE\drivers\risdsnxc64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 bomebus;Bome's Virtual MIDI Port Bus Service;c:\windows\system32\DRIVERS\bomebus.sys;c:\windows\SYSNATIVE\DRIVERS\bomebus.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2013-01-16 10:46	454176	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:32]
.
2014-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 12:13]
.
2014-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 12:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-12-11 14:07	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-12-11 14:07	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-12-11 14:07	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK649]
@="{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}"
[HKEY_CLASSES_ROOT\CLSID\{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}]
2011-04-18 21:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6492]
@="{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}"
[HKEY_CLASSES_ROOT\CLSID\{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}]
2011-04-18 21:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6493]
@="{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}"
[HKEY_CLASSES_ROOT\CLSID\{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}]
2011-04-18 21:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-20 11895400]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-20 2226280]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-07-05 947360]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-07-05 797344]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\Drivers32]
"midi8"=KORGUM64.DRV
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://vaioportal.sony.eu
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{F263F5E4-C485-C3E7-0A30-6E0664620DAF} - c:\programdata\SaveByclick\50dc5ae069268.dll
ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-FSX - Airbus A300-600ST Beluga_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins005.exe
AddRemove-FSX - Airbus A319-100 Lufthansa_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins004.exe
AddRemove-FSX - Airbus A319-100 Swiss_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins029.exe
AddRemove-FSX - Airbus A320-200 Aer Lingus_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins023.exe
AddRemove-FSX - Airbus A320-200 Iberia_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins039.exe
AddRemove-FSX - Airbus A330-200 Aer Lingus_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins016.exe
AddRemove-FSX - Airbus A330-200 Air Berlin_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins017.exe
AddRemove-FSX - Airbus A330-200 Alitalia_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins018.exe
AddRemove-FSX - Airbus A330-200 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins015.exe
AddRemove-FSX - Airbus A330-200 Lufthansa_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins019.exe
AddRemove-FSX - Airbus A330-200 Qantas_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins020.exe
AddRemove-FSX - Airbus A330-200 Swiss_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins022.exe
AddRemove-FSX - Airbus A340-200 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins004.exe
AddRemove-FSX - Airbus A340-200 South African Airways_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins005.exe
AddRemove-FSX - Airbus A340-300 Air France_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins031.exe
AddRemove-FSX - Airbus A340-300 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins030.exe
AddRemove-FSX - Airbus A340-300 Lufthansa_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins032.exe
AddRemove-FSX - Airbus A340-300 Swiss_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins033.exe
AddRemove-FSX - Antonov AN-124_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins009.exe
AddRemove-FSX - Boeing 757-200 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins006.exe
AddRemove-FSX - Boeing 757-200 Iberia_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins037.exe
AddRemove-FSX - Boeing 757-200 Thomas Cook Airlines_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins007.exe
AddRemove-FSX - Boeing 777-300 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins026.exe
AddRemove-FSX - Boeing 777-300 KLM_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins027.exe
AddRemove-FSX - Boeing T-45C Goshawk_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins040.exe
AddRemove-FSX - Bombardier CL-604 v2_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins012.exe
AddRemove-FSX - Bombardier Learjet 60_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins008.exe
AddRemove-FSX - British Aerospace BAe 146-200 Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins013.exe
AddRemove-FSX - British Aerospace BAe 146-200 Brussels Airlines_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins014.exe
AddRemove-FSX - British Aerospace BAe 146-200 Qantas Link_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins021.exe
AddRemove-FSX - Cessna Citation X_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins006.exe
AddRemove-FSX - Concorde_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins025.exe
AddRemove-FSX - Dassault Falcon 7X_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins007.exe
AddRemove-FSX - Flight Design CTSW_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins041.exe
AddRemove-FSX - McDonnell Douglas MD-11F Basepack_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins035.exe
AddRemove-FSX - McDonnell Douglas MD-11F UPS_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins036.exe
AddRemove-FSX - Piaggio PD-808_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins010.exe
AddRemove-FSX - Raytheon Hawker HS-125-800XP_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins011.exe
AddRemove-FSX - Space Shuttle Atlantis_is1 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins028.exe
AddRemove-ICON A5 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninst_IconA5_100.exe
AddRemove-{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D} - c:\programdata\SaveByclick\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-02  16:36:03
ComboFix-quarantined-files.txt  2014-01-02 15:36
.
Pre-Run: 74,236,547,072 bytes free
Post-Run: 92,549,603,328 bytes free
.
- - End Of File - - A0FD3D57DC240BD9FD2F9F23EF5AB494
         
__________________

Edited by TheMrDJJ (02.01.2014 at 16:00)

Alt 03.01.2014, 11:29   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Remove adware/junkware/toolbars


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait for it to finish.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box)

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Alt 03.01.2014, 18:56   #5
TheMrDJJ
 



So far I haven't had any more problems, looks like it's gone!

Thank you very much!
  • AdwCleaner[S0].txt (adwCleaner):
    Code:
    # AdwCleaner v3.016 - Report created 03/01/2014 at 18:09:10
    # Updated 23/12/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Juschus - JUSCHUS-VAIO
    # Running from : C:\Users\Daniel\Desktop\adwcleaner.exe
    # Option : Clean
    
    ***** [ Services ] *****
    
    
    ***** [ Files / Folders ] *****
    
    Folder Deleted : C:\ProgramData\NCH Software
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
    Folder Deleted : C:\Users\Daniel\AppData\Roaming\NCH Software
    Folder Deleted : C:\Users\Magda\AppData\LocalLow\SaveByclick
    File Deleted : C:\Windows\System32\Tasks\LaunchApp
    File Deleted : C:\Windows\System32\Tasks\NCH Software
    
    ***** [ Shortcuts ] *****
    
    
    ***** [ Registry ] *****
    
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FSX - McDonnell Douglas MD-11F UPS_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dj-promixer_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dj-promixer_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_openbve_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_openbve_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_screenhunter_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_screenhunter_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_simutrans_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_simutrans_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zulu-dj_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zulu-dj_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\OCS
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKLM\Software\DeviceVM
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D}
    Key Deleted : [x64] HKLM\SOFTWARE\Description
    Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
    
    ***** [ Browsers ] *****
    
    -\\ Internet Explorer v10.0.9200.16750
    
    
    -\\ Mozilla Firefox v26.0 (de)
    
    [ File : C:\Users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\prefs.js ]
    
    Line Deleted : user_pref("extensions.50dc5ae069184.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};(function(){if(window.self==window.top&&!document.getElementById('shk85shs[...]
    
    [ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\prefs.js ]
    
    
    [ File : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\w9n4ov7i.default\prefs.js ]
    
    
    [ File : C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\411kskja.default\prefs.js ]
    
    
    *************************
    
    AdwCleaner[R0].txt - [4432 octets] - [03/01/2014 18:07:52]
    AdwCleaner[S0].txt - [4268 octets] - [03/01/2014 18:09:10]
    
    ########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [4328 octets] ##########
             
  • JRT.txt (JRT):
    Code:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.9 (01.01.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Juschus on 03/01/2014 at 18:15:28.36
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    
    
    
    ~~~ Services
    
    
    
    ~~~ Registry Values
    
    
    
    ~~~ Registry Keys
    
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F263F5E4-C485-C3E7-0A30-6E0664620DAF}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F263F5E4-C485-C3E7-0A30-6E0664620DAF}
    
    
    
    ~~~ Files
    
    
    
    ~~~ Folders
    
    
    
    ~~~ FireFox
    
    Emptied folder: C:\Users\Juschus\AppData\Roaming\mozilla\firefox\profiles\qd1qav5j.default\minidumps [20 files]
    
    
    
    ~~~ Event Viewer Logs were cleared
    
    
    
    
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 03/01/2014 at 18:21:33.31
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             
  • FRST.txt (FRST):

    FRST Logfile:

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
    Ran by Daniel (ATTENTION: The logged in user is not administrator) on JUSCHUS-VAIO on 03-01-2014 18:50:31
    Running from C:\Users\Daniel\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal
    
    ==================== Processes (Whitelisted) =================
    
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
    
    
    ==================== Registry (Whitelisted) ==================
    
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)
    HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394248 2013-01-08] (KORG Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
    HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
    HKCU\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    MountPoints2: {c689b126-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    MountPoints2: {c689b163-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    MountPoints2: {c689b1ce-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
    
    ==================== Internet (Whitelisted) ====================
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
    URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKCU - {E7914903-6BD3-46C4-9170-66424A6A5837} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
    SearchScopes: HKCU - {F2183BDB-43CB-43F5-923E-65950E296EC5} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    
    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
    FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF Extension: Ghostery - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\firefox@ghostery.com.xpi
    FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR RestoreOnStartup: "hxxp://www.google.com/"
    CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
    CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
    CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
    CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
    CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
    CHR HKLM-x32\...\Chrome\Extension: [ikpkdkdpjekaglclmjjgaghjfnmbjegm] - C:\ProgramData\SaveByclick\ikpkdkdpjekaglclmjjgaghjfnmbjegm.crx
    
    ==================== Services (Whitelisted) =================
    
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros)
    R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
    S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd)
    S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
    R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
    S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
    R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 MOBK649backup; C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [223544 2011-04-18] (McAfee, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
    S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
    S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
    R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
    S2 pr2ah4nb; C:\Windows\system32\pr2ah4nb.exe [777576 2007-07-19] (CODEMASTERS)
    S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
    R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259512 2011-07-22] (Sony Corporation)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
    R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
    S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
    R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
    
    ==================== Drivers (Whitelisted) ====================
    
    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-01-03] ()
    R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [34376 2010-10-12] (Bome Software)
    S3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [30792 2010-10-12] (Bome Software)
    S2 CdaC15BA; C:\Windows\SysWow64\drivers\CdaC15BA.SYS [12464 2013-06-08] (Macrovision Europe Ltd)
    S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.)
    S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34288 2013-01-08] (KORG INC.)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-01-03] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R1 MOBK649Filter; C:\Windows\System32\DRIVERS\MOBK649.sys [66040 2011-04-18] (Mozy, Inc.)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
    S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
    R0 pe3ah4nb; C:\Windows\System32\drivers\pe3ah4nb.sys [72296 2007-07-19] (CODEMASTERS)
    R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
    R0 ps6ah4nb; C:\Windows\System32\drivers\ps6ah4nb.sys [102000 2007-07-19] (CODEMASTERS)
    R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
    R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
    S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2012-03-06] (Texas Instruments)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [x]
    S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
    S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]
    
    ==================== NetSvcs (Whitelisted) ===================
    
    
    ==================== One Month Created Files and Folders ========
    
    2014-01-03 18:50 - 2014-01-03 18:50 - 00021501 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-03 18:49 - 2014-01-03 18:49 - 00001034 _____ C:\Users\Daniel\Desktop\JRT.txt
    2014-01-03 18:48 - 2014-01-03 18:48 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-03 18:21 - 2014-01-03 18:21 - 00001034 _____ C:\Users\Juschus\Desktop\JRT.txt
    2014-01-03 18:15 - 2014-01-03 18:15 - 00000000 ____D C:\Windows\ERUNT
    2014-01-03 18:09 - 2014-01-03 18:09 - 00004422 _____ C:\Users\Daniel\Desktop\AdwCleaner[S0].txt
    2014-01-03 18:07 - 2014-01-03 18:49 - 00000000 ____D C:\AdwCleaner
    2014-01-03 18:06 - 2014-01-03 18:06 - 01036305 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
    2014-01-03 18:05 - 2014-01-03 18:05 - 01233962 _____ C:\Users\Daniel\Desktop\adwcleaner.exe
    2014-01-02 18:53 - 2014-01-02 18:53 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2014-01-02 16:36 - 2014-01-02 16:36 - 00051090 _____ C:\ComboFix.txt
    2014-01-02 16:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
    2014-01-02 16:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
    2014-01-02 16:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
    2014-01-02 15:42 - 2014-01-02 15:42 - 00000381 _____ C:\Users\Daniel\Desktop\combofixfail.txt
    2014-01-02 15:32 - 2014-01-02 15:21 - 05160282 ____R (Swearware) C:\Users\Juschus\Desktop\ComboFix.exe
    2014-01-02 15:24 - 2014-01-02 16:36 - 00000000 ____D C:\Qoobox
    2014-01-02 15:24 - 2014-01-02 16:34 - 00000000 ____D C:\Windows\erdnt
    2014-01-02 15:02 - 2014-01-02 15:02 - 00013506 _____ C:\Users\Daniel\Desktop\Logfiles.zip
    2014-01-02 14:51 - 2014-01-02 14:51 - 00000000 ____D C:\Program Files (x86)\7-Zip
    2014-01-02 14:29 - 2014-01-02 14:52 - 00060654 _____ C:\Users\Daniel\Desktop\trojanerboardredirect1.txt
    2014-01-02 14:13 - 2014-01-02 14:13 - 809872641 _____ C:\Windows\MEMORY.DMP
    2014-01-02 14:13 - 2014-01-02 14:13 - 00000000 ____D C:\Windows\Minidump
    2014-01-02 14:06 - 2014-01-02 14:06 - 00008478 _____ C:\Users\Daniel\Desktop\gmer.txt
    2014-01-02 13:54 - 2014-01-01 23:00 - 18432780 _____ C:\Users\Daniel\Desktop\MPLog-12262011-171356.log
    2014-01-02 13:54 - 2014-01-01 23:00 - 00012116 _____ C:\Users\Daniel\Desktop\MPDetection-12222013-210925.log
    2014-01-02 13:45 - 2014-01-03 18:50 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
    2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
    2014-01-01 22:16 - 2014-01-03 18:50 - 00000000 ____D C:\FRST
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:11 - 2014-01-03 18:50 - 01931750 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:45 - 2014-01-01 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 13:51 - 2014-01-01 13:53 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:49 - 2014-01-01 13:51 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:48 - 2014-01-01 13:49 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:47 - 2014-01-01 13:48 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:41 - 2014-01-01 13:42 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2014-01-01 12:25 - 2014-01-01 14:43 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:25 - 2013-12-30 16:26 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 13:52 - 2013-12-27 13:54 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-21 11:39 - 2011-12-19 13:08 - 02239702 _____ C:\Users\Daniel\Desktop\Demolition Man - erb N dub Drop 2.wav
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-14 13:13 - 2013-12-14 13:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-11 20:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2013-12-11 20:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-12-11 20:12 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-12-11 20:12 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-12-11 14:58 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2013-12-11 14:58 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2013-12-11 14:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-12-11 14:58 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2013-12-11 14:58 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2013-12-11 14:57 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2013-12-11 14:57 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2013-12-11 14:57 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2013-12-07 12:04 - 2013-12-07 12:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMB111.dll
    2013-12-07 11:59 - 2013-12-07 12:01 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
    
    ==================== One Month Modified Files and Folders =======
    
    2014-01-03 18:51 - 2014-01-03 18:50 - 00021501 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-03 18:50 - 2014-01-02 13:45 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
    2014-01-03 18:50 - 2014-01-01 22:16 - 00000000 ____D C:\FRST
    2014-01-03 18:50 - 2014-01-01 22:11 - 01931750 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-03 18:49 - 2014-01-03 18:49 - 00001034 _____ C:\Users\Daniel\Desktop\JRT.txt
    2014-01-03 18:49 - 2014-01-03 18:07 - 00000000 ____D C:\AdwCleaner
    2014-01-03 18:48 - 2014-01-03 18:48 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-03 18:48 - 2013-10-28 18:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-01-03 18:48 - 2013-07-30 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
    2014-01-03 18:48 - 2012-08-23 13:13 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-01-03 18:48 - 2011-12-23 15:42 - 01592665 _____ C:\Windows\WindowsUpdate.log
    2014-01-03 18:21 - 2014-01-03 18:21 - 00001034 _____ C:\Users\Juschus\Desktop\JRT.txt
    2014-01-03 18:18 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-01-03 18:18 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-01-03 18:15 - 2014-01-03 18:15 - 00000000 ____D C:\Windows\ERUNT
    2014-01-03 18:10 - 2011-08-25 04:52 - 00000000 ____D C:\ProgramData\NVIDIA
    2014-01-03 18:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2014-01-03 18:10 - 2009-07-14 05:51 - 00287742 _____ C:\Windows\setupact.log
    2014-01-03 18:09 - 2014-01-03 18:09 - 00004422 _____ C:\Users\Daniel\Desktop\AdwCleaner[S0].txt
    2014-01-03 18:07 - 2011-12-24 13:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
    2014-01-03 18:06 - 2014-01-03 18:06 - 01036305 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
    2014-01-03 18:05 - 2014-01-03 18:05 - 01233962 _____ C:\Users\Daniel\Desktop\adwcleaner.exe
    2014-01-03 18:00 - 2012-08-23 13:13 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-01-03 17:32 - 2010-11-21 04:47 - 00326598 _____ C:\Windows\PFRO.log
    2014-01-02 18:53 - 2014-01-02 18:53 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2014-01-02 17:44 - 2012-03-21 17:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
    2014-01-02 17:43 - 2011-12-23 15:42 - 00000000 ____D C:\Users\Juschus
    2014-01-02 17:41 - 2011-12-23 16:20 - 00000000 ____D C:\Program Files (x86)\Ubisoft
    2014-01-02 17:41 - 2011-08-25 04:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2014-01-02 17:38 - 2013-04-29 17:11 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\DVDVideoSoft
    2014-01-02 17:38 - 2012-06-27 12:14 - 00000000 ____D C:\Program Files (x86)\Freemake
    2014-01-02 16:36 - 2014-01-02 16:36 - 00051090 _____ C:\ComboFix.txt
    2014-01-02 16:36 - 2014-01-02 15:24 - 00000000 ____D C:\Qoobox
    2014-01-02 16:36 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
    2014-01-02 16:34 - 2014-01-02 15:24 - 00000000 ____D C:\Windows\erdnt
    2014-01-02 16:31 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
    2014-01-02 15:42 - 2014-01-02 15:42 - 00000381 _____ C:\Users\Daniel\Desktop\combofixfail.txt
    2014-01-02 15:34 - 2013-11-11 19:28 - 00000000 ____D C:\Users\Daniel\Documents\Bluetooth Folder
    2014-01-02 15:21 - 2014-01-02 15:32 - 05160282 ____R (Swearware) C:\Users\Juschus\Desktop\ComboFix.exe
    2014-01-02 15:02 - 2014-01-02 15:02 - 00013506 _____ C:\Users\Daniel\Desktop\Logfiles.zip
    2014-01-02 15:02 - 2011-12-23 15:51 - 00000000 ____D C:\Users\Daniel
    2014-01-02 14:52 - 2014-01-02 14:29 - 00060654 _____ C:\Users\Daniel\Desktop\trojanerboardredirect1.txt
    2014-01-02 14:51 - 2014-01-02 14:51 - 00000000 ____D C:\Program Files (x86)\7-Zip
    2014-01-02 14:13 - 2014-01-02 14:13 - 809872641 _____ C:\Windows\MEMORY.DMP
    2014-01-02 14:13 - 2014-01-02 14:13 - 00000000 ____D C:\Windows\Minidump
    2014-01-02 14:06 - 2014-01-02 14:06 - 00008478 _____ C:\Users\Daniel\Desktop\gmer.txt
    2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
    2014-01-01 23:00 - 2014-01-02 13:54 - 18432780 _____ C:\Users\Daniel\Desktop\MPLog-12262011-171356.log
    2014-01-01 23:00 - 2014-01-02 13:54 - 00012116 _____ C:\Users\Daniel\Desktop\MPDetection-12222013-210925.log
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
    2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 21:44 - 2009-07-14 06:13 - 00876932 _____ C:\Windows\system32\PerfStringBackup.INI
    2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:46 - 2014-01-01 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:25 - 2011-12-23 15:43 - 00000000 ____D C:\Windows\pss
    2014-01-01 20:14 - 2011-12-23 15:45 - 00000000 ____D C:\Users\Juschus\Documents\Bluetooth Folder
    2014-01-01 18:46 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 14:43 - 2014-01-01 12:25 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2014-01-01 14:43 - 2012-01-14 13:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SpinTires
    2014-01-01 13:53 - 2014-01-01 13:51 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:51 - 2014-01-01 13:49 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:49 - 2014-01-01 13:48 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:48 - 2014-01-01 13:47 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:42 - 2014-01-01 13:41 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2013-12-31 17:12 - 2013-09-29 18:55 - 00000000 ____D C:\Users\Juschus\Documents\Flight Simulator X-Dateien
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 18:20 - 2011-12-23 15:52 - 00151152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-12-30 18:17 - 2009-07-14 05:45 - 00638504 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:26 - 2013-12-30 16:25 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:17 - 2011-08-25 05:48 - 00325427 _____ C:\Windows\DirectX.log
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-30 15:21 - 2011-12-23 15:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Atheros
    2013-12-29 10:37 - 2012-04-18 14:14 - 00000000 ____D C:\Users\Daniel\Documents\FFOutput
    2013-12-28 12:38 - 2012-09-12 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 13:54 - 2013-12-27 13:52 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-23 18:34 - 2013-03-25 13:39 - 00000000 ____D C:\ProgramData\WarThunder
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 18:07 - 2013-03-25 11:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\War Thunder
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-21 17:43 - 2013-06-19 13:21 - 00000000 ____D C:\Users\Daniel\Documents\Fl Studio Collection
    2013-12-21 16:07 - 2013-06-24 16:44 - 00000000 ____D C:\Program Files (x86)\VstPlugins
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-18 10:34 - 2012-01-25 15:47 - 00224335 _____ C:\test.xml
    2013-12-18 09:50 - 2013-11-09 12:03 - 00000000 ____D C:\Users\Daniel\Documents\Native Instruments
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-18 09:45 - 2013-06-25 15:26 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
    2013-12-18 09:45 - 2013-06-25 15:21 - 00000000 ____D C:\Program Files\Native Instruments
    2013-12-16 15:37 - 2012-11-11 15:36 - 00000000 ____D C:\Users\Daniel\Documents\Kindergarten
    2013-12-15 19:02 - 2012-04-18 14:04 - 00000000 ____D C:\Program Files (x86)\Google
    2013-12-15 14:03 - 2013-07-29 19:19 - 00000000 ____D C:\Windows\system32\MRT
    2013-12-15 14:00 - 2012-05-31 17:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-12-14 13:14 - 2013-12-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-12 16:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
    2013-12-11 17:32 - 2012-03-30 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-12-11 17:32 - 2011-08-25 05:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-12-11 15:08 - 2013-04-29 20:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2013-12-07 15:14 - 2013-10-03 18:32 - 00052736 ___SH C:\Users\Daniel\Documents\Thumbs.db
    2013-12-07 12:08 - 2013-12-07 12:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2013-12-07 11:59 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-05 19:33 - 2011-08-25 04:50 - 00037132 _____ C:\Windows\DPINST.LOG
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
    
    ==================== Bamital & volsnap Check =================
    
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    
    ==================== End Of Log ============================
             


04.01.2014, 12:42   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Google Redirect Virus cannot be removed from the network, and sudden bluescreen



Quote:
Ran by Daniel (ATTENTION: The logged in user is not administrator)
You did not run FRST as admin.
Download FRST again and start it via right-click => Run as administrator. Tick the box for additions and click Scan, then post both logs in CODE tags.

04.01.2014, 13:02   #7
TheMrDJJ

Google Redirect Virus cannot be removed from the network, and sudden bluescreen



New attempt as administrator:
  • FRST.txt:

    FRST Logfile:

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
    Ran by Juschus (administrator) on JUSCHUS-VAIO on 04-01-2014 12:55:53
    Running from C:\Users\Daniel\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal
    
    ==================== Processes (Whitelisted) =================
    
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
    () C:\ProgramData\DatacardService\HWDeviceService64.exe
    () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
    (Microsoft Corporation) C:\Windows\System32\vds.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    
    
    ==================== Registry (Whitelisted) ==================
    
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
    HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)
    HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394248 2013-01-08] (KORG Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKCU\...\Run: [SoftAuto.exe] - C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [405504 2008-08-13] (Creative Technology Ltd)
    HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
    HKCU\...\Run: [Wisdom-soft ScreenHunter 5.1 Free] - 0
    HKU\Magda\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
    Startup: C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk
    ShortcutTarget: OMSI Addon Manager.lnk -> C:\Program Files (x86)\OMSI Addon Manager\OMSI Addon Manager.exe (Jan Kiesewalter)
    
    ==================== Internet (Whitelisted) ====================
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vaioportal.sony.eu
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKCU - {3E2C4E63-9A5B-4F99-BF65-8C1B527A91D8} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
    SearchScopes: HKCU - {5051439F-68AA-415C-A6C7-02365397DD95} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    
    FireFox:
    ========
    FF ProfilePath: C:\Users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Juschus\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Juschus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    
    ==================== Services (Whitelisted) =================
    
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros)
    R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
    S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd)
    S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
    R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
    S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
    R2 MOBK649backup; C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [223544 2011-04-18] (McAfee, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
    S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
    R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
    S2 pr2ah4nb; C:\Windows\system32\pr2ah4nb.exe [777576 2007-07-19] (CODEMASTERS)
    S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
    R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259512 2011-07-22] (Sony Corporation)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
    R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
    S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
    R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
    
    ==================== Drivers (Whitelisted) ====================
    
    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-01-03] ()
    R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [34376 2010-10-12] (Bome Software)
    S3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [30792 2010-10-12] (Bome Software)
    S2 CdaC15BA; C:\Windows\SysWow64\drivers\CdaC15BA.SYS [12464 2013-06-08] (Macrovision Europe Ltd)
    S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.)
    S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34288 2013-01-08] (KORG INC.)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-01-03] ()
    R1 MOBK649Filter; C:\Windows\System32\DRIVERS\MOBK649.sys [66040 2011-04-18] (Mozy, Inc.)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
    R0 pe3ah4nb; C:\Windows\System32\drivers\pe3ah4nb.sys [72296 2007-07-19] (CODEMASTERS)
    R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
    R0 ps6ah4nb; C:\Windows\System32\drivers\ps6ah4nb.sys [102000 2007-07-19] (CODEMASTERS)
    R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
    R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
    S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2012-03-06] (Texas Instruments)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [x]
    S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
    S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]
    
    ==================== NetSvcs (Whitelisted) ===================
    
    
    ==================== One Month Created Files and Folders ========
    
    2014-01-04 12:55 - 2014-01-04 12:56 - 00024128 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-04 12:55 - 2014-01-04 12:55 - 01931368 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-04 12:09 - 2014-01-04 12:09 - 04182497 _____ C:\Users\Daniel\Downloads\Radikal-Guru-feat_-Rankin-Scroo--My-Trees.zip
    2014-01-04 09:38 - 2014-01-04 09:38 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-04 09:32 - 2014-01-04 09:32 - 00000000 ____D C:\Users\Magda\AppData\Local\{779DEC04-3FE6-4871-914C-AD96B270A916}
    2014-01-04 09:31 - 2014-01-04 09:31 - 00000000 ___RD C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-04 08:49 - 2014-01-04 08:49 - 00000000 ___RD C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-03 19:39 - 2014-01-03 19:39 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2014-01-03 18:21 - 2014-01-03 18:21 - 00001034 _____ C:\Users\Juschus\Desktop\JRT.txt
    2014-01-03 18:15 - 2014-01-03 18:15 - 00000000 ____D C:\Windows\ERUNT
    2014-01-03 18:07 - 2014-01-03 18:49 - 00000000 ____D C:\AdwCleaner
    2014-01-02 16:36 - 2014-01-02 16:36 - 00051090 _____ C:\ComboFix.txt
    2014-01-02 16:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
    2014-01-02 16:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
    2014-01-02 16:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
    2014-01-02 16:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
    2014-01-02 15:32 - 2014-01-02 15:21 - 05160282 ____R (Swearware) C:\Users\Juschus\Desktop\ComboFix.exe
    2014-01-02 15:31 - 2014-01-02 15:31 - 00000000 ___RD C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-02 15:24 - 2014-01-02 16:36 - 00000000 ____D C:\Qoobox
    2014-01-02 15:24 - 2014-01-02 16:34 - 00000000 ____D C:\Windows\erdnt
    2014-01-02 14:51 - 2014-01-02 14:51 - 00000000 ____D C:\Program Files (x86)\7-Zip
    2014-01-02 14:13 - 2014-01-02 14:14 - 00290536 _____ C:\Windows\Minidump\010214-25521-01.dmp
    2014-01-02 14:13 - 2014-01-02 14:13 - 809872641 _____ C:\Windows\MEMORY.DMP
    2014-01-02 14:13 - 2014-01-02 14:13 - 00000000 ____D C:\Windows\Minidump
    2014-01-02 09:36 - 2014-01-02 09:36 - 00000000 ____D C:\Users\Magda\AppData\Local\{6FE5E739-57CF-422C-BAAA-42F96BE6380F}
    2014-01-01 22:16 - 2014-01-03 18:50 - 00000000 ____D C:\FRST
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 20:47 - 2014-01-01 20:47 - 04645232 _____ (Piriform Ltd) C:\Users\Juschus\Downloads\ccsetup409.exe
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:45 - 2014-01-01 20:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juschus\Downloads\mbam-setup-1.75.0.1300.exe
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:43 - 2014-01-01 20:43 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juschus\Downloads\tdsskiller.exe
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 13:51 - 2014-01-01 13:53 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:49 - 2014-01-01 13:51 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:48 - 2014-01-01 13:49 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:47 - 2014-01-01 13:48 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:41 - 2014-01-01 13:42 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2014-01-01 12:25 - 2014-01-01 14:43 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multi Crew Experience
    2013-12-30 16:25 - 2013-12-30 16:26 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-30 11:39 - 2013-12-30 11:39 - 00000000 ____D C:\Users\Magda\AppData\Local\{5D20C2E2-D23D-424B-B0E5-72B077043D94}
    2013-12-29 11:08 - 2013-12-29 11:08 - 00000000 ____D C:\Users\Magda\AppData\Local\{315761DA-B359-4760-A5E0-69B906108EE2}
    2013-12-28 11:34 - 2013-12-28 11:34 - 00000000 ____D C:\Users\Magda\AppData\Local\{90DBF805-FF59-4916-9744-33CACB76D788}
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 13:52 - 2013-12-27 13:54 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-27 11:09 - 2013-12-27 11:10 - 00000000 ____D C:\Users\Magda\AppData\Local\{CC6C0AA9-EB09-43FE-BC35-2291B8781A5A}
    2013-12-25 09:42 - 2013-12-25 09:42 - 00001292 _____ C:\Users\Magda\Downloads\Koma.acsm
    2013-12-25 09:40 - 2013-12-25 09:40 - 00000000 ____D C:\Users\Magda\AppData\Local\{6EEB3E0F-CD1C-4443-B7B5-36C03E55DDC7}
    2013-12-23 19:01 - 2013-12-23 19:02 - 00000000 ____D C:\Users\Magda\AppData\Local\{F300B308-5EED-4E18-9A9F-A407904E9B63}
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-22 10:15 - 2013-12-22 10:15 - 00000000 ____D C:\Users\Magda\AppData\Local\{62FBD19E-EA73-4512-BF0D-3C5D917ADDE6}
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-20 15:06 - 2013-12-20 15:07 - 00000000 ____D C:\Users\Magda\AppData\Local\{C5FF207E-7C26-413B-B478-94F3567DE37D}
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-19 15:41 - 2013-12-19 15:41 - 00000000 ____D C:\Users\Magda\AppData\Local\{04C22749-51A5-4E01-804A-7E397374B263}
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Users\Juschus\AppData\Local\OMSI AM
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-18 16:25 - 2013-12-18 16:26 - 00000000 ____D C:\Users\Magda\AppData\Local\{B1D7BD16-8A09-4645-A223-C0BB30840CC8}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-17 19:21 - 2013-12-17 19:21 - 00000000 ____D C:\Users\Magda\AppData\Local\{B999B746-3469-4828-AAF5-7C2855259D9F}
    2013-12-16 17:17 - 2013-12-16 17:17 - 00000000 ____D C:\Users\Magda\AppData\Local\{1C6A5EDA-C090-40FF-9794-3F1AA8D6A800}
    2013-12-15 10:29 - 2013-12-15 10:29 - 00000000 ____D C:\Users\Magda\AppData\Local\{7C388C7A-3E0D-4142-8648-7D2E6B320611}
    2013-12-14 13:15 - 2013-12-14 13:15 - 00000000 ____D C:\Users\Magda\AppData\Local\{B16A09D2-BAFB-4761-8038-1BFABD532C2C}
    2013-12-14 13:13 - 2013-12-14 13:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-14 11:51 - 2013-12-14 11:51 - 00000000 ____D C:\Users\Magda\AppData\Local\{6AF4FDA7-7A98-47EE-9CEB-8FD47E3C3E9C}
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-13 15:20 - 2013-12-13 15:21 - 00000000 ____D C:\Users\Magda\AppData\Local\{F97DC64B-6D75-4794-88F8-90E2A3174C2F}
    2013-12-12 14:37 - 2013-12-12 14:37 - 00000000 ____D C:\Users\Magda\AppData\Local\{73B0FD03-1077-4945-BE13-D7FF872E4AF8}
    2013-12-11 20:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2013-12-11 20:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2013-12-11 20:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-12-11 20:12 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-12-11 20:12 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-12-11 20:12 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-12-11 20:12 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-12-11 20:12 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-12-11 20:12 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-12-11 15:55 - 2013-12-11 15:56 - 00000000 ____D C:\Users\Magda\AppData\Local\{5F228F4F-C961-4A5C-99C5-5AB4C4C3ECDF}
    2013-12-11 14:58 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2013-12-11 14:58 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2013-12-11 14:58 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2013-12-11 14:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2013-12-11 14:58 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-12-11 14:58 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2013-12-11 14:58 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2013-12-11 14:57 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2013-12-11 14:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2013-12-11 14:57 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2013-12-11 14:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2013-12-11 14:57 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2013-12-11 14:57 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2013-12-10 11:04 - 2013-12-10 11:05 - 00000000 ____D C:\Users\Magda\AppData\Local\{A6AD93B5-74D2-4E80-B2AA-B392D250CA0C}
    2013-12-09 15:25 - 2013-12-09 15:25 - 00000000 ____D C:\Users\Magda\AppData\Local\{E54230C9-C039-488E-A949-0E0A330CDE43}
    2013-12-08 18:59 - 2013-12-08 18:59 - 00000000 ____D C:\Users\Magda\AppData\Local\{C65EFBE5-86F3-419F-98D9-0FC084E922E0}
    2013-12-08 09:39 - 2013-12-08 09:39 - 00000000 ____D C:\Users\Magda\AppData\Local\{75E0271E-8C33-4449-9D67-53C0D545898D}
    2013-12-07 12:04 - 2013-12-07 12:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:04 - 2013-12-07 12:04 - 00002816 _____ C:\Windows\System32\Tasks\hpUtility.exe_{8A4E6FFE-B9BA-4BEA-8343-F06FCD9BF6FE}
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00003636 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5520 series
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMB111.dll
    2013-12-07 11:59 - 2013-12-07 12:01 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-07 11:52 - 2013-12-07 11:52 - 00000000 ____D C:\Users\Juschus\AppData\Local\HP
    2013-12-07 09:45 - 2013-12-07 09:45 - 00000000 ____D C:\Users\Magda\AppData\Local\{F46B2AB1-AB7C-4FC5-A4BC-4477649C9265}
    2013-12-06 09:06 - 2013-12-06 09:07 - 00000000 ____D C:\Users\Magda\AppData\Local\{3E0CBBBC-508F-4C1A-859F-5A5017F37FD0}
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ (Hamrick Software) C:\Users\Juschus\Desktop\vuex6493.exe
    2013-12-05 14:27 - 2013-12-05 14:27 - 00000000 ____D C:\Users\Magda\AppData\Local\{A54C94B9-321C-434C-B255-79FA5EED60A1}
    
    ==================== One Month Modified Files and Folders =======
    
    2014-01-04 12:56 - 2014-01-04 12:55 - 00024128 _____ C:\Users\Daniel\Desktop\FRST.txt
    2014-01-04 12:56 - 2011-12-24 13:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
    2014-01-04 12:55 - 2014-01-04 12:55 - 01931368 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
    2014-01-04 12:47 - 2011-12-23 15:42 - 01606695 _____ C:\Windows\WindowsUpdate.log
    2014-01-04 12:46 - 2012-03-21 17:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
    2014-01-04 12:44 - 2009-07-14 05:51 - 00287854 _____ C:\Windows\setupact.log
    2014-01-04 12:32 - 2013-10-28 18:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-01-04 12:09 - 2014-01-04 12:09 - 04182497 _____ C:\Users\Daniel\Downloads\Radikal-Guru-feat_-Rankin-Scroo--My-Trees.zip
    2014-01-04 12:00 - 2012-08-23 13:13 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-01-04 11:36 - 2013-12-04 15:41 - 00004992 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Juschus-VAIO-Daniel Juschus-VAIO
    2014-01-04 09:38 - 2014-01-04 09:38 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-04 09:38 - 2013-07-30 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
    2014-01-04 09:38 - 2012-08-23 13:13 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-01-04 09:32 - 2014-01-04 09:32 - 00000000 ____D C:\Users\Magda\AppData\Local\{779DEC04-3FE6-4871-914C-AD96B270A916}
    2014-01-04 09:31 - 2014-01-04 09:31 - 00000000 ___RD C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-04 09:22 - 2011-12-28 18:05 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
    2014-01-04 08:56 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-01-04 08:56 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-01-04 08:49 - 2014-01-04 08:49 - 00000000 ___RD C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-04 08:49 - 2011-12-26 17:52 - 00151152 _____ C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-01-04 08:48 - 2011-08-25 04:52 - 00000000 ____D C:\ProgramData\NVIDIA
    2014-01-04 08:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2014-01-03 19:39 - 2014-01-03 19:39 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
    2014-01-03 18:50 - 2014-01-01 22:16 - 00000000 ____D C:\FRST
    2014-01-03 18:49 - 2014-01-03 18:07 - 00000000 ____D C:\AdwCleaner
    2014-01-03 18:21 - 2014-01-03 18:21 - 00001034 _____ C:\Users\Juschus\Desktop\JRT.txt
    2014-01-03 18:15 - 2014-01-03 18:15 - 00000000 ____D C:\Windows\ERUNT
    2014-01-03 17:32 - 2010-11-21 04:47 - 00326598 _____ C:\Windows\PFRO.log
    2014-01-02 17:43 - 2011-12-23 15:42 - 00000000 ____D C:\Users\Juschus
    2014-01-02 17:41 - 2011-12-23 16:20 - 00000000 ____D C:\Program Files (x86)\Ubisoft
    2014-01-02 17:41 - 2011-08-25 04:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2014-01-02 17:38 - 2013-04-29 17:11 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\DVDVideoSoft
    2014-01-02 17:38 - 2012-06-27 12:14 - 00000000 ____D C:\ProgramData\Freemake
    2014-01-02 17:38 - 2012-06-27 12:14 - 00000000 ____D C:\Program Files (x86)\Freemake
    2014-01-02 16:36 - 2014-01-02 16:36 - 00051090 _____ C:\ComboFix.txt
    2014-01-02 16:36 - 2014-01-02 15:24 - 00000000 ____D C:\Qoobox
    2014-01-02 16:36 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
    2014-01-02 16:34 - 2014-01-02 15:24 - 00000000 ____D C:\Windows\erdnt
    2014-01-02 16:31 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
    2014-01-02 15:34 - 2013-11-11 19:28 - 00000000 ____D C:\Users\Daniel\Documents\Bluetooth Folder
    2014-01-02 15:31 - 2014-01-02 15:31 - 00000000 ___RD C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2014-01-02 15:21 - 2014-01-02 15:32 - 05160282 ____R (Swearware) C:\Users\Juschus\Desktop\ComboFix.exe
    2014-01-02 15:02 - 2011-12-23 15:51 - 00000000 ____D C:\Users\Daniel
    2014-01-02 14:51 - 2014-01-02 14:51 - 00000000 ____D C:\Program Files (x86)\7-Zip
    2014-01-02 14:14 - 2014-01-02 14:13 - 00290536 _____ C:\Windows\Minidump\010214-25521-01.dmp
    2014-01-02 14:13 - 2014-01-02 14:13 - 809872641 _____ C:\Windows\MEMORY.DMP
    2014-01-02 14:13 - 2014-01-02 14:13 - 00000000 ____D C:\Windows\Minidump
    2014-01-02 10:02 - 2012-02-12 11:12 - 00000000 ____D C:\Users\Magda\AppData\Local\CrashDumps
    2014-01-02 09:36 - 2014-01-02 09:36 - 00000000 ____D C:\Users\Magda\AppData\Local\{6FE5E739-57CF-422C-BAAA-42F96BE6380F}
    2014-01-02 09:20 - 2011-12-23 18:15 - 00151152 _____ C:\Users\Magda\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-01-01 22:35 - 2011-12-28 12:19 - 00000000 ____D C:\Users\Juschus\AppData\Local\CrashDumps
    2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
    2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
    2014-01-01 21:44 - 2009-07-14 06:13 - 00876932 _____ C:\Windows\system32\PerfStringBackup.INI
    2014-01-01 20:47 - 2014-01-01 20:47 - 04645232 _____ (Piriform Ltd) C:\Users\Juschus\Downloads\ccsetup409.exe
    2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
    2014-01-01 20:45 - 2014-01-01 20:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juschus\Downloads\mbam-setup-1.75.0.1300.exe
    2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
    2014-01-01 20:43 - 2014-01-01 20:43 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juschus\Downloads\tdsskiller.exe
    2014-01-01 20:25 - 2011-12-23 15:43 - 00000000 ____D C:\Windows\pss
    2014-01-01 20:14 - 2011-12-23 15:45 - 00000000 ____D C:\Users\Juschus\Documents\Bluetooth Folder
    2014-01-01 18:46 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
    2014-01-01 14:43 - 2014-01-01 12:25 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
    2014-01-01 14:43 - 2012-01-14 13:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SpinTires
    2014-01-01 13:53 - 2014-01-01 13:51 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
    2014-01-01 13:51 - 2014-01-01 13:49 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
    2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
    2014-01-01 13:49 - 2014-01-01 13:48 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
    2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
    2014-01-01 13:48 - 2014-01-01 13:47 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
    2014-01-01 13:42 - 2014-01-01 13:41 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
    2013-12-31 17:12 - 2013-09-29 18:55 - 00000000 ____D C:\Users\Juschus\Documents\Flight Simulator X-Dateien
    2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
    2013-12-30 18:43 - 2011-12-23 15:43 - 00151152 _____ C:\Users\Juschus\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-12-30 18:20 - 2011-12-23 15:52 - 00151152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-12-30 18:17 - 2009-07-14 05:45 - 00638504 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
    2013-12-30 16:26 - 2013-12-30 16:26 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multi Crew Experience
    2013-12-30 16:26 - 2013-12-30 16:25 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
    2013-12-30 16:17 - 2011-08-25 05:48 - 00325427 _____ C:\Windows\DirectX.log
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
    2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
    2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
    2013-12-30 15:21 - 2011-12-23 15:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Atheros
    2013-12-30 11:39 - 2013-12-30 11:39 - 00000000 ____D C:\Users\Magda\AppData\Local\{5D20C2E2-D23D-424B-B0E5-72B077043D94}
    2013-12-29 11:08 - 2013-12-29 11:08 - 00000000 ____D C:\Users\Magda\AppData\Local\{315761DA-B359-4760-A5E0-69B906108EE2}
    2013-12-29 10:37 - 2012-04-18 14:14 - 00000000 ____D C:\Users\Daniel\Documents\FFOutput
    2013-12-28 12:38 - 2012-09-12 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-12-28 11:34 - 2013-12-28 11:34 - 00000000 ____D C:\Users\Magda\AppData\Local\{90DBF805-FF59-4916-9744-33CACB76D788}
    2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-27 18:39 - 2011-12-28 17:47 - 00000000 ____D C:\Users\Magda\AppData\Local\Mozilla
    2013-12-27 13:54 - 2013-12-27 13:52 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
    2013-12-27 11:29 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2013-12-27 11:10 - 2013-12-27 11:09 - 00000000 ____D C:\Users\Magda\AppData\Local\{CC6C0AA9-EB09-43FE-BC35-2291B8781A5A}
    2013-12-25 09:42 - 2013-12-25 09:42 - 00001292 _____ C:\Users\Magda\Downloads\Koma.acsm
    2013-12-25 09:40 - 2013-12-25 09:40 - 00000000 ____D C:\Users\Magda\AppData\Local\{6EEB3E0F-CD1C-4443-B7B5-36C03E55DDC7}
    2013-12-23 19:02 - 2013-12-23 19:01 - 00000000 ____D C:\Users\Magda\AppData\Local\{F300B308-5EED-4E18-9A9F-A407904E9B63}
    2013-12-23 18:34 - 2013-03-25 13:39 - 00000000 ____D C:\ProgramData\WarThunder
    2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
    2013-12-23 18:07 - 2013-03-25 11:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\War Thunder
    2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
    2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
    2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
    2013-12-22 10:15 - 2013-12-22 10:15 - 00000000 ____D C:\Users\Magda\AppData\Local\{62FBD19E-EA73-4512-BF0D-3C5D917ADDE6}
    2013-12-21 17:43 - 2013-06-19 13:21 - 00000000 ____D C:\Users\Daniel\Documents\Fl Studio Collection
    2013-12-21 16:07 - 2013-06-24 16:44 - 00000000 ____D C:\Program Files (x86)\VstPlugins
    2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
    2013-12-20 15:07 - 2013-12-20 15:06 - 00000000 ____D C:\Users\Magda\AppData\Local\{C5FF207E-7C26-413B-B478-94F3567DE37D}
    2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
    2013-12-19 15:41 - 2013-12-19 15:41 - 00000000 ____D C:\Users\Magda\AppData\Local\{04C22749-51A5-4E01-804A-7E397374B263}
    2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Users\Juschus\AppData\Local\OMSI AM
    2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
    2013-12-19 13:03 - 2011-12-23 15:45 - 00000000 ___RD C:\Users\Juschus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-12-18 16:26 - 2013-12-18 16:25 - 00000000 ____D C:\Users\Magda\AppData\Local\{B1D7BD16-8A09-4645-A223-C0BB30840CC8}
    2013-12-18 10:34 - 2012-01-25 15:47 - 00224335 _____ C:\test.xml
    2013-12-18 09:50 - 2013-11-09 12:03 - 00000000 ____D C:\Users\Daniel\Documents\Native Instruments
    2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
    2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
    2013-12-18 09:45 - 2013-06-25 15:26 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
    2013-12-18 09:45 - 2013-06-25 15:21 - 00000000 ____D C:\Program Files\Native Instruments
    2013-12-17 19:21 - 2013-12-17 19:21 - 00000000 ____D C:\Users\Magda\AppData\Local\{B999B746-3469-4828-AAF5-7C2855259D9F}
    2013-12-16 18:48 - 2013-08-26 15:45 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps
    2013-12-16 17:17 - 2013-12-16 17:17 - 00000000 ____D C:\Users\Magda\AppData\Local\{1C6A5EDA-C090-40FF-9794-3F1AA8D6A800}
    2013-12-16 15:37 - 2012-11-11 15:36 - 00000000 ____D C:\Users\Daniel\Documents\Kindergarten
    2013-12-15 19:02 - 2012-04-18 14:04 - 00000000 ____D C:\Program Files (x86)\Google
    2013-12-15 14:03 - 2013-07-29 19:19 - 00000000 ____D C:\Windows\system32\MRT
    2013-12-15 14:00 - 2012-05-31 17:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-12-15 10:29 - 2013-12-15 10:29 - 00000000 ____D C:\Users\Magda\AppData\Local\{7C388C7A-3E0D-4142-8648-7D2E6B320611}
    2013-12-14 13:15 - 2013-12-14 13:15 - 00000000 ____D C:\Users\Magda\AppData\Local\{B16A09D2-BAFB-4761-8038-1BFABD532C2C}
    2013-12-14 13:14 - 2013-12-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
    2013-12-14 11:51 - 2013-12-14 11:51 - 00000000 ____D C:\Users\Magda\AppData\Local\{6AF4FDA7-7A98-47EE-9CEB-8FD47E3C3E9C}
    2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
    2013-12-13 15:21 - 2013-12-13 15:20 - 00000000 ____D C:\Users\Magda\AppData\Local\{F97DC64B-6D75-4794-88F8-90E2A3174C2F}
    2013-12-12 16:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
    2013-12-12 14:37 - 2013-12-12 14:37 - 00000000 ____D C:\Users\Magda\AppData\Local\{73B0FD03-1077-4945-BE13-D7FF872E4AF8}
    2013-12-11 17:32 - 2013-10-28 18:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-12-11 17:32 - 2012-03-30 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-12-11 17:32 - 2011-08-25 05:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-12-11 15:56 - 2013-12-11 15:55 - 00000000 ____D C:\Users\Magda\AppData\Local\{5F228F4F-C961-4A5C-99C5-5AB4C4C3ECDF}
    2013-12-11 15:08 - 2013-04-29 20:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2013-12-10 11:05 - 2013-12-10 11:04 - 00000000 ____D C:\Users\Magda\AppData\Local\{A6AD93B5-74D2-4E80-B2AA-B392D250CA0C}
    2013-12-09 15:25 - 2013-12-09 15:25 - 00000000 ____D C:\Users\Magda\AppData\Local\{E54230C9-C039-488E-A949-0E0A330CDE43}
    2013-12-08 18:59 - 2013-12-08 18:59 - 00000000 ____D C:\Users\Magda\AppData\Local\{C65EFBE5-86F3-419F-98D9-0FC084E922E0}
    2013-12-08 09:39 - 2013-12-08 09:39 - 00000000 ____D C:\Users\Magda\AppData\Local\{75E0271E-8C33-4449-9D67-53C0D545898D}
    2013-12-07 16:25 - 2012-04-10 13:36 - 00000000 ____D C:\Users\Juschus\AppData\Local\Mozilla
    2013-12-07 15:14 - 2013-10-03 18:32 - 00052736 ___SH C:\Users\Daniel\Documents\Thumbs.db
    2013-12-07 12:08 - 2013-12-07 12:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
    2013-12-07 12:04 - 2013-12-07 12:04 - 00002816 _____ C:\Windows\System32\Tasks\hpUtility.exe_{8A4E6FFE-B9BA-4BEA-8343-F06FCD9BF6FE}
    2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2013-12-07 12:02 - 2013-12-07 12:02 - 00003636 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5520 series
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
    2013-12-07 12:01 - 2013-12-07 11:59 - 00000000 ____D C:\Program Files (x86)\HP
    2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
    2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
    2013-12-07 11:52 - 2013-12-07 11:52 - 00000000 ____D C:\Users\Juschus\AppData\Local\HP
    2013-12-07 09:45 - 2013-12-07 09:45 - 00000000 ____D C:\Users\Magda\AppData\Local\{F46B2AB1-AB7C-4FC5-A4BC-4477649C9265}
    2013-12-06 18:55 - 2012-08-23 13:13 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-12-06 18:55 - 2012-08-23 13:13 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-12-06 09:07 - 2013-12-06 09:06 - 00000000 ____D C:\Users\Magda\AppData\Local\{3E0CBBBC-508F-4C1A-859F-5A5017F37FD0}
    2013-12-05 19:33 - 2011-08-25 04:50 - 00037132 _____ C:\Windows\DPINST.LOG
    2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ (Hamrick Software) C:\Users\Juschus\Desktop\vuex6493.exe
    2013-12-05 14:27 - 2013-12-05 14:27 - 00000000 ____D C:\Users\Magda\AppData\Local\{A54C94B9-321C-434C-B255-79FA5EED60A1}
    
    Some content of TEMP:
    ====================
    C:\Users\Juschus\AppData\Local\temp\Quarantine.exe
    
    
    ==================== Bamital & volsnap Check =================
    
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    
    
    LastRegBack: 2013-12-27 15:02
    
    ==================== End Of Log ============================
             

04.01.2014, 13:02   #8
TheMrDJJ
 



Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Juschus at 2014-01-04 12:57:28
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x32 Version:  - )
ACR version 0.001 (x32 Version:  - Eutechnyx, Ltd)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (x32 Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (x32 Version: 2.7.0.19460 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19460 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0.1 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635 - Adobe Systems, Inc.)
Aerosoft's - Airbus X Extended - FSX (x32 Version: 1.16 - Aerosoft)
AI Carriers (x32 Version:  - )
Analog Lab 1.0.0 (x32 Version: 1.0.0 - Arturia)
ANNO 1404 - Königsedition (x32 Version: 1.02.0000 - Ubisoft)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.444 - ArcSoft)
Arduino (x32 Version: 1.0.5 - Arduino LLC)
ArtRage 2 (x32 Version: 2.6.0 - Ambient Design)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
Atheros WiFi Driver Installation (x32 Version: 3.0 - Atheros)
Audacity 1.3.14 (Unicode) (x32 Version:  - Audacity Team)
Audiosurf (x32 Version:  - Dylan Fitterer)
Bamboo Dock (x32 Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bing Bar (x32 Version: 7.0.850.0 - Microsoft Corporation)
Bleep VSTi (x32 Version:  - )
Blender (Version: 2.68a - Blender Foundation)
Bluetooth Win7 Suite (64) (Version: 7.04.000.82 - Atheros Communications)
Bome's Virtual MIDI Port 1.0.0.11 (x32 Version:  - Bome Software GmbH & Co. KG)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bonjour Print Services (Version: 2.0.2.0 - Apple Inc.)
Bus- & Cable Car-Simulator (x32 Version:  - astragon)
Canon MP540 series MP Drivers (Version:  - )
Cheat Engine 6.2 (x32 Version:  - Dark Byte)
Cities in Motion (x32 Version:  - Colossal Order Ltd.)
CMN (x32 Version:  - )
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Corel WinDVD (x32 Version: 10.0.6.108 - Corel Inc.)
Creative Centrale (x32 Version: 1.15.08 - Creative Technology Ltd.)
Creative Centrale (x32 Version: 1.15.08 - Creative Technology Ltd.) Hidden
Creative Software Update (x32 Version: 1.02.01 - Creative Technology Ltd.) Hidden
Creative ZEN X-Fi2 Dokumentation (x32 Version:  - Creative Technology Ltd.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delhaize Service Photo (x32 Version:  - )
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Die Sims™ 3 (x32 Version: 1.28.84 - Electronic Arts)
DiRT (x32 Version: 1.00.0000 - Codemasters)
DJ Intro version 1.0 (x32 Version: 1.0 - Serato Audio Research)
Dolby Home Theater v4 (x32 Version: 7.2.7000.6 - Dolby Laboratories Inc)
Douglas DC-4 for FSX (x32 Version: 3.00.0000 - Jens B. Kristensen)
Driver San Francisco (x32 Version: 1.3.0.0 - Ubisoft)
Dune BE (Beat Edition) (x32 Version:  - Synapse Audio Software)
DVDStyler v2.4.3 (x32 Version:  - )
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eLicenser Control (x32 Version:  - Steinberg Media Technologies GmbH)
Embraer EMB120 Brasilia for FSX (HKCU Version:  - )
Emergency4 (x32 Version: 1.03.001 - )
Entity Framework Designer for Visual Studio 2012 - enu (x32 Version: 11.1.20810.00 - Microsoft Corporation)
ERS Berlin (x32 Version: 1.2.0.0 - ERS Berlin Team)
Euro Truck Simulator 2 (x32 Version: 1.1.1 - SCS Software)
Evernote v. 4.4 (x32 Version: 4.4.0.4848 - Evernote Corp.)
EZdrummer Lite Edition 64 bit (Version: 1.3.1 - Toontrack)
EZXCocktail (x32 Version: 1.3.0 - Toontrack)
FDRTools Basic 2.6.1 (x32 Version: 2.6.1 - AGS Technik)
Ferramentas de Verificação do Microsoft Office 2013 - Português (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
FL Studio 11 (x32 Version:  - Image-Line)
Flight Simulator X (x32 Version:  - )
Flight Simulator X Service Pack 1 (x32 Version:  - )
FlowStone FL 3.0 (x32 Version:  - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 2.90 (x32 Version: 2.90 - Free Time)
Fraps (remove only) (x32 Version:  - )
FSX - Airbus A318-100 Basepack v3 (x32 Version:  - Project Airbus)
FSX - Airbus A318-100 Tarom (x32 Version:  - Denis Minaev)
FSX - Airbus A319-100 Basepack v2 (x32 Version:  - Project Airbus)
FSX - Airbus A319-100 Brussels Airlines (x32 Version:  - Vital Vanbeginne)
FSX - Airbus A319-100 Lufthansa (x32 Version:  - Luke Spoor)
FSX - Airbus A319-100 Swiss (x32 Version:  - Juerg Bertschinger)
FSX - Airbus A320-200 Aer Lingus (x32 Version:  - Bobby Pitaya)
FSX - Airbus A320-200 Basepack v2 (x32 Version:  - Project Airbus)
FSX - Airbus A320-200 Iberia (x32 Version:  - Rasa Moget)
FSX - Airbus A320-200 Thomas Cook (x32 Version:  - Marco Fischbach)
FSX - Airbus A320-200 Wizz Air (x32 Version:  - Joey Rafferty)
FSX - Airbus A330-200 Aer Lingus (x32 Version:  - Thomas Ruth)
FSX - Airbus A330-200 Air Berlin (x32 Version:  - Patrick-Philippe-Christian-Seifert)
FSX - Airbus A330-200 Alitalia (x32 Version:  - Mario Monfrecola)
FSX - Airbus A330-200 Basepack (x32 Version:  - Thomas Ruth)
FSX - Airbus A330-200 Lufthansa (x32 Version:  - Thomas Ruth)
FSX - Airbus A330-200 Qantas (x32 Version:  - Jon Murchison)
FSX - Airbus A330-200 Swiss (x32 Version:  - Mario Monfrecola)
FSX - Airbus A340-200 Basepack (x32 Version:  - Thomas Ruth)
FSX - Airbus A340-200 South African Airways (x32 Version:  - Ryan Gabuyo)
FSX - Airbus A340-300 Air France (x32 Version:  - Fouad Dagher)
FSX - Airbus A340-300 Basepack (x32 Version:  - Thomas Ruth)
FSX - Airbus A340-300 Lufthansa (x32 Version:  - www.flightsimx.de)
FSX - Airbus A340-300 Swiss (x32 Version:  - Mario Monfrecola)
FSX - Boeing 747-8i Air Australia v1.00a (x32 Version: v1.00a - Anthony Ribeiro)
FSX - Boeing 747-8i Basepack v1.00 (x32 Version: v1.00 - SkySpirit2012)
FSX - Boeing 757-200 Basepack (x32 Version:  - Project Open Sky)
FSX - Boeing 757-200 Iberia (x32 Version:  - Project Open Sky)
FSX - Boeing 757-200 Thomas Cook Airlines (x32 Version:  - Project Open Sky)
FSX - Boeing 777-300 Basepack (x32 Version:  - Project Open Sky)
FSX - Boeing 777-300 KLM (x32 Version:  - Project Open Sky)
FSX - Boeing T-45C Goshawk (x32 Version:  - Dino Cattaneo)
FSX - Bombardier Learjet 60 (x32 Version:  - Premier Aircraft Design)
FSX - British Aerospace BAe 146-200 Basepack (x32 Version:  - Premier Aircraft Design)
FSX - British Aerospace BAe 146-200 Brussels Airlines (x32 Version:  - Premier Aircraft Design)
FSX - British Aerospace BAe 146-200 Qantas Link (x32 Version:  - Christopher Schenk)
FSX - Cessna Citation X (x32 Version:  - Alejandro Rojas)
FSX - Concorde (x32 Version:  - Libardo Guzman)
FSX - Dassault Falcon 7X (x32 Version:  - Premier Aircraft Design)
FSX - Flight Design CTSW (x32 Version:  - Premier Aircraft Design)
FSX - McDonnell Douglas MD-11F Basepack (x32 Version:  - Premier Aircraft Design)
FSX - Piaggio PD-808 (x32 Version:  - Mario Noriega)
FSX - Raytheon Hawker HS-125-800XP (x32 Version:  - Alejandro Rojas)
FSX - Space Shuttle Atlantis (x32 Version:  - Bruce Fitzgerald)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
gmax (x32 Version: 4.4.0.125 - Discreet)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google SketchUp 8 (x32 Version: 3.0.11762 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HammerHead Rhythm Station (x32 Version:  - )
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB945282) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB946040) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB946308) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB947540) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB947789) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (x32 Version: 1 - Microsoft Corporation)
HP Photo Creations (x32 Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (x32 Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (x32 Version: 5.003.003.001 - Hewlett-Packard)
IL Download Manager (x32 Version:  - Image-Line)
IL Shared Libraries (x32 Version:  - Image-Line)
Inkscape 0.48.2 (x32 Version: 0.48.2 - )
Insane (x32 Version:  - )
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004 - Intel Corporation)
Internet Manager (x32 Version: 22.001.18.11.49 - Huawei Technologies Co.,Ltd)
iTunes (Version: 10.6.3.25 - Apple Inc.)
IvAc v1.2.4 (b225) (x32 Version:  - IVAO)
IvAp v2.0.2 (build 2773) (x32 Version:  - IVAO)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (x32 Version: 6.0.260 - Oracle)
JPEGCrops 0.7.5 beta (x32 Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JustCloud  (Version:  - JustCloud)
KORG KONTROL Editor (x32 Version: 1.30.0003 - KORG Inc.)
KORG M1 Le (x32 Version: 1.0.4 - KORG Inc.)
KORG USB-MIDI Driver Tools for Windows (x32 Version: 1.14.0603 - Korg Inc.)
Kronen-Design 1.77 (x32 Version:  - )
Landwirtschafts Simulator 2011 (x32 Version: 1.0 - GIANTS Software)
LightScribe System Software (x32 Version: 1.18.27.10 - LightScribe)
Live 8.0.7 (x32 Version:  - )
Lounge Lizard Session v3.1.4 (x32 Version:  - Applied Acoustics Systems)
MainConcept MJPEG Codec Demo (x32 Version: 3.02.0004.0000 - MainConcept AG)
MainConcept MJPEG Codec Demo (x32 Version: 3.02.0004.0000 - MainConcept AG) Hidden
MainConcept MJPG software codec (Remove Only) (x32 Version:  - )
McAfee Online Backup (Version: 1.16.6.1 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.)
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (x32 Version: 1.7.254 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended FRA Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended NLD Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (Version: 15.0.4551.1011 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (x32 Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (x32 Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) (x32 Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) (x32 Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (x32 Version:  - Microsoft Corporation)
Microsoft Visual C# 2008 Express Edition with SP1 - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (x32 Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Midnight Club II (x32 Version: 2.0 - )
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 4 Extended FRA (Version: 4.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Multi Crew Experience Aerosoft Airbus A320/321 (x32 Version: 2.5.7.0 - FS++ Limited)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Native Instruments Controller Editor (Version: 1.3.5.667 - Native Instruments) Hidden
Native Instruments Controller Editor (x32 Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Service Center (x32 Version: 2.5.2.1549 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Instruments Supercharger (x32 Version: 1.1.0.418 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.3.10893 - Native Instruments) Hidden
Native Instruments Traktor 2 (x32 Version:  - Native Instruments)
NVIDIA 3D Vision Driver 320.49 (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (x32 Version: 1.6.9 - NVIDIA Corporation)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.5 (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
OMSI 2 (x32 Version:  - MR-Software GbR)
OMSI Addon Manager Version 1.2.4 (x32 Version: 1.2.4 - Jan Kiesewalter)
OpenAL (x32 Version:  - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2 - Microsoft Corporation)
PENTAX Digital Camera Utility 4 (x32 Version: 4.3.0 - PENTAX)
PlayStation(R)Network Downloader (x32 Version: 2.05.00710 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (x32 Version: 4.1.8.11883 - Sony Computer Entertainment Inc.)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Protect Disc License Helper 1.0.125 (IE) (HKCU Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
PW Sceneries Reefs Volume 1 (x32 Version:  - Paul Wheeler/Striking Software)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RAAS Professional by FS2Crew (LOCKED) (x32 Version:  - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Reader for PC (x32 Version: 2.0.02.15180 - Sony Corporation)
Reader Library by Sony (x32 Version: 3.3.00.07130 - Sony)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Rigs of Rods - Rigs of Rods 0.4.0.7 - ${DESCRIPTION} (x32 Version: "${VERSIONMAJOR}.${VERSIONMINOR}.${VERSIONBUILD}" - "Rigs of Rods")
Rigs of Rods 0.38.67 (x32 Version: 0.38.67 - Rigs of Rods Team)
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
SCANIA Truck Driving Simulator 1.0.0 (x32 Version: 1.0.0 - SCS Software)
SketchUp 2013 (x32 Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SlimDX Redistributable for .NET 2.0 (September 2011) (x32 Version: 2.0.12.43 - SlimDX Group)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spin Tires (x32 Version: 1.0.1 - Oovee)
SpinTires Tech Demo (June 040613) (x32 Version: 1.3 - Oovee)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (x32 Version: 10.0.1600.22 - Microsoft Corporation)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Strum Acoustic Session v1.0.2 (x32 Version:  - Applied Acoustics Systems)
Sun Mod (x32 Version:  - Nick Needham/Paul Wheeler/Striking Software)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (x32 Version: v2012.build.51 - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.2.6.0 - Synaptics Incorporated)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (Version: 4.0.30319 - Microsoft Corporation)
Taalpakket voor Microsoft .NET Framework 4 Extended - NLD (Version: 4.0.30319 - Microsoft Corporation)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
The Sims™ 3 High-End Loft Stuff (x32 Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (x32 Version: 11.0.84 - Electronic Arts)
TI-Nspire CAS Student Software (x32 Version: 3.0.2.1791 - Texas Instruments)
TmNationsForever (x32 Version:  - Nadeo)
Tony Hawk's Pro Skater 3® (x32 Version: 1.0 - Activision Publishing, Inc.)
Toontrack solo 64 bit (Version: 1.3.1 - Toontrack)
Train Simulator 2013 (x32 Version:  - RailSimulator.com)
Ultra Analog Session v1.1.4 (x32 Version:  - Applied Acoustics Systems)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for  (KB2504637) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.50727 - Microsoft Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2 - Microsoft Corporation)
V3DPX86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery (x32 Version: 1.5.0.18100 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (x32 Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15072 - Sony Corporation)
VAIO 3D Portal (x32 Version: 1.1.0.06232 - Sony Corporation)
VAIO Care (Version: 7.0.1.08040 - Sony Corporation)
VAIO Control Center (x32 Version: 5.0.0.07070 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (x32 Version: 2.5.0.07080 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (x32 Version:  - )
VAIO Improvement (x32 Version: 1.1.0.06030 - Sony Corporation)
VAIO Improvement Validation (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (x32 Version: 1.4.0.05310 - Sony Corporation)
VAIO Sample Contents (x32 Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (x32 Version: 3.8.1.08270 - Sony Corporation)
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (x32 Version: 5.5.0.06290 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.5.06290 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualDJ Home FREE (x32 Version: 7.4 - Atomix Productions)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
War Thunder (x32 Version:  - Gaijin Entertainment)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (x32 Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (x32 Version: 1.1.0.10 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-Bit) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (x32 Version:  - Wargaming.net)
YouRiding FREESKI II version 1.005 (x32 Version: 1.005 - Intellysurf)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

30-12-2013 15:24:22 Installed Multi Crew Experience Aerosoft Airbus A320/321
01-01-2014 21:33:56 Removed Java 7 Update 45
02-01-2014 13:25:53 Windows Update
02-01-2014 16:40:32 Removed PDF Split And Merge Basic
02-01-2014 16:41:31 Removed Ubisoft Game Launcher

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-02 16:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {069E84CB-00E4-46E7-92D2-4E3E657D34DC} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {0715C67F-75A1-4D57-83A8-98F0BA5EBD9C} - \LaunchApp No Task File
Task: {0B4064EC-417A-4740-945D-6377AA1C2D94} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {0BA2D431-7E96-408F-9108-3E39E8CBA6E8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {19B5B816-64CE-4A0E-B9B4-0637D3A1546A} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {279C7F92-9FE1-4856-BB1D-71E4AF017DFA} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIcon => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {2A31C915-1143-4157-930E-816DAE4399A4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Juschus-VAIO-Daniel Juschus-VAIO => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-12-11] (Microsoft Corporation)
Task: {307ADD38-D533-4D76-9113-FCA2BC75177B} - System32\Tasks\hpUtility.exe_{8A4E6FFE-B9BA-4BEA-8343-F06FCD9BF6FE} => C:\Program Files\HP\HP Photosmart 5520 series\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3D67EF9E-97E9-4865-A0AF-F0FBC853B4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {426738C3-4789-41B5-9A57-FBB1CA2D16D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {4C2F3550-E2A1-4F9A-A7A3-F82BD1C893F0} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {4CD0C408-FE5D-46F3-AC5C-581E07A829AB} - System32\Tasks\{BA70D01A-BD93-4D7F-922A-0FA045D8DBDC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.114/en/abandoninstall?page=tsProgressBar
Task: {4CE6061C-B360-4B63-B8E6-617BE6B15B19} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {60682784-0F3B-44D0-83D1-2254821E5155} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {61381C4F-3E29-4483-A9E9-3FA917BF4E92} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {646197FC-89F1-47EC-BD86-FDB894E328E1} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {761EA2B3-0EE9-4335-8319-CD15383CDF89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {7AF9A322-9A66-421F-BD92-D1BABD6F688A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {9595DD65-265D-4070-BE76-275C7425C858} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {99E72D57-C2A4-4240-AD87-778FA9DA4516} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {9B4E0F14-24C8-4501-9048-B8C1E5572570} - System32\Tasks\AdobeAAMUpdater-1.0-Juschus-VAIO-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {AB5B9EC4-A9BF-4126-B3DA-264F869A494F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {B7301B3B-1E9F-4503-8D0F-2781DF383C47} - System32\Tasks\{38EAF136-A7FC-4ECC-9670-41D2D88D11CE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.114/en/abandoninstall?page=tsProgressBar
Task: {C372848A-9755-4CF6-A90B-5721AE059226} - System32\Tasks\Sony Corporation\VAIO Care\VCUpdateLearn => C:\Program Files\Sony\VAIO Care\VCsystray.exe
Task: {C44F4504-64DE-4E63-8E25-0D900DB21BE0} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {C966F408-FE5F-490C-BE55-A224A2B3E50A} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {E007B6ED-421F-41A5-B189-5E45AF69117B} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {F126AFEC-9ABC-497C-BC25-59F1256432BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)
Task: {F2F81E9A-0690-4062-9A6A-92A6EA802945} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {FFC7EED6-D0C6-47CE-BCE0-5E530875C3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-13 14:08 - 2013-11-13 14:08 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-12-28 13:30 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-12-31 12:07 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-03 12:47 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-04-03 12:47 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-04-03 12:47 - 2010-05-05 09:47 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-04-03 12:47 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2011-08-25 05:01 - 2011-07-07 15:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2013-08-19 09:35 - 2013-08-19 09:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8fea63b8217b30e1e12307f3168ad7fa\IsdiInterop.ni.dll
2011-08-25 04:46 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-01-16 10:58 - 2013-01-16 10:58 - 02408448 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2013-01-16 10:58 - 2013-01-16 10:58 - 08626176 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2013-01-16 10:58 - 2013-01-16 10:58 - 00212992 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-07-01 07:20 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 13:46 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2010-07-13 01:28 - 2010-07-13 01:28 - 00856064 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\fsk.dll
2010-07-13 01:13 - 2010-07-13 01:13 - 00033792 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMediaPlayers.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00233472 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\Fskin.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00020480 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskinLocalize.dll
2010-04-02 21:23 - 2010-04-02 21:23 - 00815104 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskSecurity.dll
2010-07-13 01:16 - 2010-07-13 01:16 - 00118784 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskDocumentViewer.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00009728 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskPower.dll
2010-07-13 01:26 - 2010-07-13 01:26 - 00018432 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00010240 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00008704 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00028160 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ticket.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00011776 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
2010-04-02 20:44 - 2010-04-02 20:44 - 00086016 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookUsb.dll
2010-07-13 01:29 - 2010-07-13 01:29 - 00143360 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\connectionDetector.dll
2010-07-13 01:10 - 2010-07-13 01:10 - 00172032 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\USBDetector.dll
2013-11-13 14:08 - 2013-11-13 14:08 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2013-03-18 12:56 - 2013-03-18 12:56 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-02-15 11:17 - 2013-02-15 11:17 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2013-03-18 12:58 - 2013-03-18 12:58 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2013-12-28 10:23 - 2013-12-28 10:23 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 17:32 - 2013-12-11 17:32 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2014 00:56:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 7.0.1.8040, time stamp: 0x4e39f844
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x2a6c
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3

Error: (01/04/2014 00:56:54 PM) (Source: .NET Runtime) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()

Error: (01/04/2014 00:46:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 7.0.1.8040, time stamp: 0x4e39f844
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x30a8
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3

Error: (01/04/2014 00:46:58 PM) (Source: .NET Runtime) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()

Error: (01/04/2014 00:36:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 7.0.1.8040, time stamp: 0x4e39f844
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x3204
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3

Error: (01/04/2014 00:36:53 PM) (Source: .NET Runtime) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()

Error: (01/04/2014 00:26:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 7.0.1.8040, time stamp: 0x4e39f844
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x31d0
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3

Error: (01/04/2014 00:26:57 PM) (Source: .NET Runtime) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()

Error: (01/04/2014 00:16:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 7.0.1.8040, time stamp: 0x4e39f844
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x202c
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3

Error: (01/04/2014 00:16:47 PM) (Source: .NET Runtime) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()


System errors:
=============
Error: (01/04/2014 08:48:49 AM) (Source: Service Control Manager) (User: )
Description: The Internet Manager. OUC service failed to start due to the following error: 
%%1053

Error: (01/04/2014 08:48:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Internet Manager. OUC service to connect.

Error: (01/04/2014 08:48:48 AM) (Source: Service Control Manager) (User: )
Description: The CdaC15BA service failed to start due to the following error: 
%%1275

Error: (01/04/2014 08:48:48 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\CdaC15BA.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/04/2014 08:48:42 AM) (Source: Service Control Manager) (User: )
Description: The atksgt service failed to start due to the following error: 
%%1275

Error: (01/04/2014 08:48:42 AM) (Source: Application Popup) (User: )
Description: Driver atksgt.sys has been blocked from loading.

Error: (01/04/2014 08:48:24 AM) (Source: ps6ah4nb) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/04/2014 08:48:24 AM) (Source: ps6ah4nc) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/03/2014 06:23:16 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================
Error: (01/04/2014 00:56:54 PM) (Source: Application Error)(User: )
Description: VCSystemTray.exe7.0.1.80404e39f844KERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d2a6c01cf094359ac47e7C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dll4d825e0f-7537-11e3-beef-ccaf78da0850

Error: (01/04/2014 00:46:58 PM) (Source: Application Error)(User: )
Description: VCSystemTray.exe7.0.1.80404e39f844KERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d30a801cf0941f2ed43e6C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dllea1f6c83-7535-11e3-beef-ccaf78da0850

Error: (01/04/2014 00:36:54 PM) (Source: Application Error)(User: )
Description: VCSystemTray.exe7.0.1.80404e39f844KERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d320401cf09408d4ba185C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dll8217469b-7534-11e3-beef-ccaf78da0850

Error: (01/04/2014 00:26:59 PM) (Source: Application Error)(User: )
Description: VCSystemTray.exe7.0.1.80404e39f844KERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d31d001cf093f24ace2d4C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dll1f5ee04b-7533-11e3-beef-ccaf78da0850

Error: (01/04/2014 00:16:49 PM) (Source: Application Error)(User: )
Description: VCSystemTray.exe7.0.1.80404e39f844KERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d202c01cf093dbf0b15b1C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dllb3dad8fc-7531-11e3-beef-ccaf78da0850

Error: (01/04/2014 00:16:47 PM) (Source: .NET Runtime)(User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.Collections.ObjectModel.Collection`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].set_Item(Int32, System.__Canon)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()


CodeIntegrity Errors:
===================================
  Date: 2014-01-02 16:19:37.605
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-02 16:19:37.559
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 00:26:17.525
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 00:26:17.485
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 00:26:17.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 00:26:17.385
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-12-23 15:58:54.137
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-12-23 15:58:54.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-12-23 15:58:54.057
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-12-23 15:58:54.007
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 6125.22 MB
Available physical RAM: 3223.2 MB
Total Pagefile: 12248.62 MB
Available Pagefile: 8895.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:576.56 GB) (Free:86.79 GB) NTFS
Drive d: (OMSI 2) (CDROM) (Total:1.24 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:14.83 GB) (Free:7.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B634630F)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=577 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         

04.01.2014, 13:16   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes Anti-Malware (MBAM).

Note: Please remember to update Malwarebytes Anti-Malware via the update button beforehand!

Afterwards, getting a second opinion from the ESET online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support Trojaner-Board
Why Linux is better than Windows!

05.01.2014, 17:46   #10
TheMrDJJ

It looks like ESET found some adware after all:

log.txt:
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ad5f0b36a58cee4eb93133624a12653f
# engine=16523
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-05 03:50:05
# local_time=2014-01-05 04:50:05 (+0100, Romance Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 15391740 140566855 0 0
# scanned=666047
# found=1
# cleaned=0
# scan_time=19399
sh=5DABAE71A20E71F5D416FBA4F0A7F8CD5D4F9C8C ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Juschus\AppData\Roaming\Mozilla\Firefox\Profiles\qd1qav5j.default\extensions\50dc5ae0690d8@50dc5ae069111.com\content\bg.js.vir"
         

05.01.2014, 20:30   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That's just a find in the Q directory.

The Malwarebytes log is missing. Logs must always be posted, whether or not anything was found, because they contain more information than just the detections.

06.01.2014, 10:13   #12
TheMrDJJ

Sorry, I completely forgot the MBAM log.

Here it is:

Code:
sMalwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.04.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Daniel :: JUSCHUS-VAIO [limited]

06/01/2014 09:58:55
mbam-log-2014-01-06 (09-58-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219359
Time elapsed: 4 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
So should I simply ignore the adware that ESET found?

06.01.2014, 11:00   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What part of "is only in the quarantine folder" did you not understand?
Or do you not know what a quarantine is?

Quote:
Database version: v2014.01.04.03
You did not update MB beforehand. Please repeat the quick scan with current signatures.

Edited by cosinus (06.01.2014 at 12:08). Reason: typo
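
The two checks applied in the replies above, whether a detection path lies inside a quarantine folder and whether the MBAM signature database is older than the scan, as an added Python example that is not part of the thread. The sample log text is constructed in the layout of the posted logs; the function names, the quarantine-root list and the day-first date reading are assumptions.

```python
import re
from datetime import date
from pathlib import PureWindowsPath

# Assumption: folders whose contents are inert quarantined copies. The Qoobox
# path is the one in the ESET line posted in the thread; add others as needed.
QUARANTINE_ROOTS = (PureWindowsPath(r"C:\Qoobox\Quarantine"),)

# Constructed sample in the ESET Online Scanner log.txt layout (hashes are dummies).
ESET_LOG = r'''# found=2
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Example\extensions\bg.js.vir"
sh=0000000000000000000000000000000000000002 ft=0 fh=0000000000000000 vn="Constructed.Sample application" ac=I fn="C:\Users\Example\Downloads\setup.exe"
'''

# Constructed MBAM 1.x log header with the dates from the first posted scan.
MBAM_LOG = """Malwarebytes Anti-Malware 1.75.0.1300
Database version: v2014.01.04.03

06/01/2014 09:58:55
Scan type: Quick scan
"""

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_eset_detections(text):
    """Return one dict of key=value fields per detection line (starts with sh=)."""
    hits = []
    for line in text.splitlines():
        if line.startswith("sh="):
            hits.append({k: quoted or bare for k, quoted, bare in FIELD.findall(line)})
    return hits


def in_quarantine(path):
    """True if the Windows path lies below a known quarantine root (case-insensitive)."""
    parents = PureWindowsPath(path).parents
    return any(root in parents for root in QUARANTINE_ROOTS)


def triage(eset_log):
    """Label each detection as a quarantined copy or a file still in place."""
    return [(d["vn"], "quarantined copy" if in_quarantine(d["fn"]) else "live file")
            for d in parse_eset_detections(eset_log)]


def mbam_signature_age_days(log):
    """Days between the signature database date and the scan date (day-first)."""
    db = re.search(r"Database version: v(\d{4})\.(\d{2})\.(\d{2})\.\d+", log)
    ts = re.search(r"^(\d{2})/(\d{2})/(\d{4}) \d{2}:\d{2}:\d{2}\s*$", log, re.M)
    if not db or not ts:
        raise ValueError("not an MBAM 1.x log header")
    day, month, year = map(int, ts.groups())
    return (date(year, month, day) - date(*map(int, db.groups()))).days


if __name__ == "__main__":
    for name, verdict in triage(ESET_LOG):
        print(f"{verdict:16} {name}")
    print("signature age in days:", mbam_signature_age_days(MBAM_LOG))
```
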

06.01.2014, 11:17   #14
TheMrDJJ

Now this is embarrassing for me.

Yes, I know what quarantine means, I just didn't see it. I hope everything is right now:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.06.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Juschus :: JUSCHUS-VAIO [administrator]

06/01/2014 11:14:31
mbam-log-2014-01-06 (11-14-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 326233
Time elapsed: 1 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

06.01.2014, 12:08   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

TFC - Temp File Cleaner

Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.
  • Open TFC.exe.
    Vista and Win 7 users: right-click and "Run as administrator".
  • Close all other programs.
  • Press the Start button.
  • If you are prompted to restart, confirm it.

Looks OK so far.

Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie)

Otherwise there are also good cookie managers; one Firefox extension for that would be CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply configure the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system OK again now, or are there any other detections or problems?