Notebook wird immer langsam - etwas eingefangen?

tam · 16.02.2014, 20:35

Hallo,

seit einiger Zeit ist mir aufgefallen, dass mein Notebook immer langsamer wird. Avira meldete vor einigen Tagen einen Fund: Adware.Gen2, Malwarebytes ist durchgelaufen und hat nichts gefunden.
Hier der OTL-Bericht:

Code:

ATTFilter

OTL logfile created on: 14.02.2014 17:20:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sabine\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 50,49% Memory free
7,96 Gb Paging File | 5,26 Gb Available in Paging File | 66,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,06 Gb Total Space | 471,24 Gb Free Space | 80,96% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: SABINE-VAIO | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2014.02.14 15:57:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sabine\Desktop\Downloads\OTL.exe
PRC - [2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.12 12:28:54 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.12.12 12:25:57 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.11.14 13:25:40 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.07.19 17:29:00 | 000,557,968 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013.06.20 08:58:03 | 000,391,040 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2013.04.18 14:56:22 | 001,227,800 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2013.04.18 14:56:14 | 000,659,992 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013.04.08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.05.19 18:15:44 | 000,549,616 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.04.24 07:02:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.03.05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.23 16:47:42 | 000,114,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2011.02.21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2011.02.21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2011.02.15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.11.26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 17:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2007.02.04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.02.13 12:02:22 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ca708d556b8236f0e2a42a36d74c2118\IAStorCommon.ni.dll
MOD - [2014.02.13 12:02:21 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1e9d1e37ec5332cf60baf5147f83d1bd\IAStorUtil.ni.dll
MOD - [2014.02.13 11:47:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014.02.13 11:46:30 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.13 11:46:23 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.13 11:46:03 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.02.13 11:45:57 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.13 11:45:54 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.13 11:45:53 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.13 11:45:46 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014.02.02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013.06.20 08:58:03 | 000,391,040 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
MOD - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
MOD - [2012.08.06 10:54:24 | 009,843,640 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
MOD - [2011.09.06 14:14:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.11 10:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
MOD - [2010.07.13 14:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
MOD - [2010.07.05 10:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
MOD - [2010.06.24 02:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
MOD - [2010.06.02 06:05:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
MOD - [2010.06.02 06:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
MOD - [2010.06.02 03:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
MOD - [2010.06.02 03:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
MOD - [2010.06.02 03:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
MOD - [2010.06.02 03:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2012.08.06 13:27:08 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2014.02.13 13:56:09 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.28 13:49:52 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.12 12:28:54 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.11.14 13:25:40 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.10.16 14:08:06 | 000,186,056 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2013.10.16 12:29:38 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\MSS\3.8.130\McCHSvc.exe -- (McComponentHostServiceSony)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.08.27 15:32:32 | 000,961,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2013.08.01 10:18:44 | 001,368,624 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2013.07.19 17:29:00 | 000,557,968 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013.04.18 14:56:22 | 001,227,800 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013.04.18 14:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.04.08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.10.12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2012.07.17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.07.19 04:45:52 | 000,104,096 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV - [2011.05.19 18:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.04.29 16:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.04.24 07:02:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.29 07:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.02.21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 21:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.11.21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.12.17 13:49:10 | 000,089,304 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2013.12.12 12:28:58 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.12.12 12:28:58 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.11.14 13:26:16 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.08.29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.07.19 17:10:18 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2013.07.19 16:12:40 | 000,052,080 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2013.04.18 14:55:50 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013.04.04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.02.18 08:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.23 09:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 09:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 13:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.20 16:23:40 | 000,317,776 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.06.21 01:03:42 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.04.29 16:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.04.29 16:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.04.29 16:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.04.29 16:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.04.29 16:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.04.29 16:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.04.29 16:19:34 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.29 07:51:30 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 07:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.29 04:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 16:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.01.09 11:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2013.10.16 14:08:04 | 000,200,552 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{43BC01C1-13FB-4588-B33D-A73B9ACCE8B0}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{B9BB60E4-803E-4D51-B46D-165E3ADB6371}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "https://www.google.com/search"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.07.19 18:47:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.27 10:01:47 | 000,000,000 | ---D | M]
 
[2012.01.18 19:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\Extensions
[2014.01.24 13:06:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions
[2012.09.19 17:43:33 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.12.12 13:54:18 | 000,158,589 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
[2014.01.17 22:29:25 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.12.28 13:49:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.12.28 13:49:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.19 18:47:25 | 000,000,000 | ---D | M] (PDF Architect Converter For Firefox) -- C:\PROGRAM FILES (X86)\PDF ARCHITECT\FFPDFARCHITECTEXT
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: WOT = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.4.6_0\
CHR - Extension: YouTube = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google-Suche = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.1_0\
CHR - Extension: Zotero Connector = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\4.0.8.2_0\
CHR - Extension: AdBlock = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: avast! Online Security = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Google Wallet = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Google Mail = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014.01.22 11:39:50 | 000,002,745 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O1 - Hosts: 134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe ()
O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A0B6117-838D-47C1-AF82-43CEE1C1922C}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8553E4F-EC0A-4E94-918C-DCB010C78FBE}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.02.13 13:56:09 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.13 11:03:08 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.13 11:02:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.13 11:02:05 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.13 11:02:04 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.13 11:02:04 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.13 11:02:04 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.13 11:02:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.13 11:02:03 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.13 11:02:03 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.13 11:02:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.13 11:02:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.13 11:02:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.13 11:02:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.13 11:02:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.13 11:02:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.13 11:02:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.13 11:02:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.13 11:02:00 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.13 11:02:00 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.13 11:02:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.13 11:02:00 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.13 11:01:57 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.13 11:01:57 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.13 11:01:54 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.13 08:39:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.13 08:39:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.13 08:38:58 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.13 08:38:58 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.13 08:38:58 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.13 08:38:58 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.13 08:38:57 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.13 08:38:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.13 08:38:57 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.13 08:38:57 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.13 08:38:57 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.13 08:38:57 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.13 08:38:57 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.13 08:38:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.13 08:38:57 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.13 08:38:57 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.13 08:38:57 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.13 08:38:57 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.13 08:38:57 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.13 08:38:52 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.13 08:38:52 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.09 20:23:47 | 000,000,000 | ---D | C] -- C:\Users\Sabine\Desktop\2014_02_09
[2014.01.27 10:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.02.14 17:20:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.14 16:44:25 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.14 16:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.14 16:32:50 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.14 16:32:50 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.14 16:25:28 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.14 16:24:41 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.14 14:20:46 | 000,001,694 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014.02.13 13:56:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.13 13:56:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.01.28 10:22:57 | 000,948,334 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.01.28 10:22:57 | 000,728,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.28 10:22:57 | 000,228,646 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.01.28 10:22:57 | 000,193,670 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.28 10:22:57 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.27 10:01:47 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.01.24 14:31:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.24 12:37:24 | 000,325,264 | ---- | M] () -- C:\Users\Sabine\Desktop\bsc_modulhandbuch_2008.pdf
[2014.01.22 11:39:50 | 000,002,745 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.01.19 16:37:02 | 000,000,842 | ---- | M] () -- C:\Users\Sabine\AppData\Local\cookies.ini
[2014.01.16 16:46:48 | 000,001,023 | ---- | M] () -- C:\Users\Sabine\Desktop\Dropbox.lnk
[2014.01.16 14:23:15 | 000,432,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.02.13 13:56:09 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.27 10:01:47 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014.01.27 10:01:47 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.01.24 12:37:24 | 000,325,264 | ---- | C] () -- C:\Users\Sabine\Desktop\bsc_modulhandbuch_2008.pdf
[2013.12.24 22:10:09 | 000,000,842 | ---- | C] () -- C:\Users\Sabine\AppData\Local\cookies.ini
[2013.11.12 15:54:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.11.12 15:54:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.11.12 15:54:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.11.12 15:54:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.11.12 15:54:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.07.12 10:03:37 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2013.07.12 10:01:38 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2013.06.14 20:15:54 | 000,001,694 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.06.12 18:18:03 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013.02.10 14:09:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.02.06 10:48:19 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2013.02.06 10:48:00 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013.11.02 17:18:40 | 104,684,788 | ---- | M] ()(C:\Windows\SysWow64\ª??$) -- C:\Windows\SysWow64\ª됽癌$
[2013.11.01 17:18:56 | 104,684,788 | ---- | C] ()(C:\Windows\SysWow64\ª??$) -- C:\Windows\SysWow64\ª됽癌$
[2013.10.19 20:29:37 | 101,983,560 | ---- | M] ()(C:\Windows\SysWow64\???@) -- C:\Windows\SysWow64\兽ᵴ@
[2013.10.19 20:29:37 | 101,983,560 | ---- | C] ()(C:\Windows\SysWow64\???@) -- C:\Windows\SysWow64\兽ᵴ@
[2013.10.08 09:55:21 | 099,836,383 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⚔唵“
[2013.10.04 16:02:10 | 099,836,383 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⚔唵“
[2013.09.20 16:03:30 | 098,481,651 | ---- | M] ()(C:\Windows\SysWow64\???P) -- C:\Windows\SysWow64\ࣷ꟩P
[2013.09.19 18:39:49 | 098,481,651 | ---- | C] ()(C:\Windows\SysWow64\???P) -- C:\Windows\SysWow64\ࣷ꟩P
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

tam · 16.02.2014, 20:36

Extra.txt

Code:

ATTFilter


	Code: 

 ATTFilter

  
	OTL Extras logfile created on: 14.02.2014 17:20:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sabine\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 50,49% Memory free
7,96 Gb Paging File | 5,26 Gb Available in Paging File | 66,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,06 Gb Total Space | 471,24 Gb Free Space | 80,96% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: SABINE-VAIO | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04682D6E-9194-4FDA-9CED-C87C0F7CCF19}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1C3B0A23-9AEF-4F7D-B939-0347EEE5A7DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E32D978-D26B-4F08-A7C5-278195962C59}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2534EA55-25B3-4193-9C43-F2611A43FA43}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2910F519-DBD6-4310-A4EF-D33CFD18D322}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{335906CC-594E-44F2-9036-EEA7D2A62C3D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3389496F-E8FD-4FE1-8C50-D18936BC4B80}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{3B903B89-2F76-4226-A92A-4CDDB14353E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3E990AC8-F0A0-4DB6-8A25-2C7412221E6F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4571A56D-5D3A-4256-91F9-9CA0956747F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{481822C5-645F-46F9-A79B-4A03FFE03646}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4A6A4CDF-93A9-4EE0-9127-CC484F30B757}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{5C17FFA3-4F2F-4955-859B-1FD905AF82EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{64171365-47CF-4EBE-8E65-073B65939F5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{67ACA84A-233B-43BE-B917-9683D48B289E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6E87BCC5-FBEC-4D14-B6A6-5635ABB28B92}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{77798BD3-F205-44F0-AB19-C3B0808CD1AF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7A53A647-F6B1-40F9-83DF-DADA96AB26A5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{7E868C80-0B91-4196-B086-56519816D5E9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{82580085-E221-4DC3-9CEA-6CAB85CE0A17}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{82A2796D-2DCD-486A-B09F-474BFB794F66}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8A54D234-7EED-43F0-8A4F-F06AECFEAF06}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{99FB0A36-851C-4CFB-BA09-183C2EC6305D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9A47ADE1-740D-45BA-BFEE-1ED9A037E5BE}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9A6DB67B-ED5B-4FF4-992A-D4902920EC73}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A02684E4-A2DD-47D2-B635-889CC94A752F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A0C04190-186E-40CE-B66E-BC025A1E0036}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe | 
"{A62E850F-E341-44E2-B58E-217C422DC8C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A9B956A1-3006-45E0-B731-9B3423636B58}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{B647D308-7B96-4994-BD1B-49533AD41B4B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C25578EE-244F-4F45-9BAD-995588A14324}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D087F2A3-E773-4838-A5FD-920B035CBF62}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E1524197-B757-4C26-90F1-F44FD8476602}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E59CBEA6-6DF0-4DC3-B4F3-08907F3DAE79}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{EECE1108-CC19-4DEB-8271-62647E9ED74C}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AB2AD7-43CD-48EC-BE59-152BBF6C1BD0}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{04472324-8E70-47CC-8F98-AB09F1FEC774}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{0B85A101-48F9-488F-A859-A6447EE50004}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0DFBEBC6-101A-43DF-9679-54C92486F48A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{123CFC11-786E-4009-B3C9-8546ACE88458}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{14F0C115-A5D8-4582-AE6D-9C7D747A03F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1FFA75DF-FA66-4953-8B80-07FF1CB89A5A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{211B1048-A1D1-4CD8-8159-E294095B7E12}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{275BF839-24E2-4322-A6F3-209642CC89D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2957A0A7-B7CC-484E-B714-6909BBE54A4E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{29DD3642-4493-4B0D-B18C-33A7D775D140}" = protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{2BD54C05-69AA-4E91-A386-97A8D17A12A7}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | 
"{2D0F0A68-C183-436C-99BC-E9B06169B216}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31698AA8-8C2C-4895-B605-8885EC75F4FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{370B4999-494F-4B0E-9FC9-1975ED33675A}" = dir=in | app=c:\users\sabine\appdata\local\microsoft\skydrive\skydrive.exe | 
"{3F8A9F7A-9DD2-448D-A367-72B41079CA9E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{4074E7B4-6CBC-4B1E-A5A6-04665762A117}" = protocol=17 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"{44706F2A-543E-400F-B59E-11BAF966DE88}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{521CB336-8FED-4664-8260-21D17AF3981E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{5234884D-0117-45A1-8E64-6A983319C5C7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{545D28AF-5F6D-418A-869C-F90450ADF7DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{559DB879-79B3-47A7-9EA5-696949530AEB}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{55DF564C-581E-4CFD-A024-CEE134B71F0C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{57EA5446-A278-416E-8DA9-5E7216E36471}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{59B81B48-D1C7-4AA2-BCCD-57D467CC1788}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | 
"{60260034-B243-44EA-A4A3-AB26CE525987}" = protocol=6 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"{6869F7C6-0E77-4989-9648-EEC19191D1F2}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe | 
"{69D23672-828B-4C4A-AE7A-E499F17AC5DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6DE7209F-3ACE-4826-A354-271C2122FCF5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7084F836-0347-4324-B032-098AA1DC745B}" = protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{75225A1B-61FE-4B48-9E06-11DA85033CAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7540E8A2-A39C-43E0-9BA7-30C50F119DEA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{7607F973-0BDC-4DEC-9459-E22A35E7EB76}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{838A3C19-78EB-48F5-B83F-C13A311F5948}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{898B8231-8552-4E9D-9F0D-22E94CB88411}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{8A5A7ED2-6373-41D0-AC88-9733DBA77415}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9115FC29-E831-4313-94DD-7333C4842A62}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe | 
"{9EF564B1-EBEC-4657-9147-2187349EE3B6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9FBC7748-AEA6-4224-B7A7-631C0A70C4F3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{AB4892DA-C13C-4521-8968-E930ED53C3E5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{AEA7B9C4-F669-46D9-8840-5DAC4554408B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{B10F69BD-6C2D-44B3-9A62-C70AD611C430}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{B3C76FEC-D662-47A1-ACEB-DA5834DED091}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C18D8F0C-9DAE-431D-8F26-466D40DDA613}" = protocol=6 | dir=out | app=system | 
"{C5FC26D6-4F80-42CF-AF2C-949B2FF3E08E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C9C0C8F5-7379-422E-8FFB-D2C6553FFA9B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{CB06E252-368B-4804-8107-168BFBA91E02}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D8ECE6E6-FA71-42C2-8039-C177D6766DB2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{DA150018-CEAD-417C-886C-BD21E55BD827}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DB2DE0D9-372D-42A1-8444-A5E4EAF4A916}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{DCE2A952-C6D2-453C-89CE-393D7DBEA360}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{E53430C4-3E47-4E41-A134-C9DFF1FF38C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E7BD1861-FA50-4422-B4EC-8BDE67240054}" = protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{ED46217C-66C0-4FC1-B7CC-BCA7777CAF4B}" = protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{F067753A-E306-4E4F-8E4C-438741474237}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F4D9338A-9A0A-4320-8FB0-33F8B980768D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{F63C0FB0-C211-4FFF-AC0F-77A14FD8C20C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FBAA8F1C-EFD3-410B-9A3C-09B41022FC59}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{FF0E7364-BE0B-4B34-B80C-5F9C09B73EB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{2A157CAE-4044-4CEA-8BEC-8BD116ACE237}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{2C655C2C-1776-4950-B880-1921F0F24C6D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{8B036BA8-5B36-49B5-AF88-6A2D161B9D21}C:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{9BE16FC0-5907-4FD6-93B4-CBB1C8314E3A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{AE7A5BDF-EF56-41DB-8F87-1E4A6B475BBE}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{AF33B544-EF43-4E58-A9BB-BE8CD8CB0E46}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{081B9487-BD60-4E0D-88EE-9D0E44623560}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{0CB05E65-D14F-411F-8F4D-87E2DB822612}C:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{3811CD56-881F-4CBE-82F5-4D2058F32ED7}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{684744CD-3610-49F9-8B00-AA99ED519F04}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{8CDE4B91-1496-47E1-984A-60C33A79C4F5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{B4274E35-2013-4F84-9D01-DC748809FD97}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series" = Canon MX700 series
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}" = VGClientX64
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.31
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Sandboxie" = Sandboxie 4.06 (64-bit)
"WinRAR archiver" = WinRAR 5.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{023701CB-8DC0-477C-93B7-48CCE446B678}" = Windows Live Writer Resources
"{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}" = Συλλογή φωτογραφιών
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{0496AEAF-27A8-483A-ACB0-BF4B4D51F148}" = Windows Live Mail
"{05C0B4A9-DF70-4C05-BAEF-E21CFF3E7C7C}" = Movie Maker
"{060689B2-F271-4D1B-9E53-97FACB1FD107}" = Windows Live Essentials
"{0647875D-34DC-49E3-853C-265FCB30DD0A}" = Windows Live Writer Resources
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{06738361-EB60-40D7-84BC-7807ED7EF282}" = Fotoğraf Galerisi
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{07944A8A-9045-4C4C-9EB0-1C2E171E3008}" = Photo Common
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{0A958D81-B6FB-4BB2-82A8-67469F2D54AB}" = Movie Maker
"{0B2DD869-32D0-4AED-99B7-1DD10A434733}" = Windows Live Writer Resources
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}" = Movie Maker
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1EFB835F-DD75-48EC-BB3D-1A71CF604457}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2066A4E6-DE7B-4625-BE03-BD1F5FD01BC7}" = Windows Live Family Safety
"{207DA277-6A6D-4863-B535-129931D2BB21}" = Galeria fotografii
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{22C58DA3-FA02-4DD3-8C5B-23570411E95B}" = Windows Live Writer Resources
"{234BD64C-99F4-42B5-837F-82F00E37A7E1}" = Фотографии (общедоступная версия)
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{245C4CCD-8829-469C-9278-2BA330BEB8F4}" = Valokuvavalikoima
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26536744-B969-4F6D-A09B-009A902CF550}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{2809D777-E57C-48AA-A266-77725C1B35AC}" = Windows Live Writer
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A17BB1D-6850-4BEA-993A-A9E7447B6C50}" = Windows Live Messenger
"{2A32CF5E-58A3-4428-919C-8958A6A4D034}" = Windows Live Writer Resources
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2B6D488C-B5EC-4F2D-A155-97D664DC88AD}" = Windows Live Writer Resources
"{2B7CCFEB-1AAF-4449-87D2-226181FAD5D1}" = Windows Live Messenger
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F2363F9-102C-448B-8E3E-02FCFE78A28D}" = Movie Maker
"{30ADC681-8493-4955-B3E9-A08D4DAF316F}" = Windows Live Essentials
"{3162D9D4-122C-4ADE-8D1C-C45487F94135}" = Photo Common
"{3272CD17-7958-452A-8E6E-8C85CFFDBEDF}" = Windows Live UX Platform Language Pack
"{33C5B96C-0E03-4BF0-B14E-2E10E0869123}" = Windows Live Writer Resources
"{33F30A57-37FE-4B49-BE13-43DACE40706E}" = Windows Live Family Safety
"{356BAE2E-3A48-4A6F-8BC6-AC62D50ECFA3}" = Windows Live Messenger
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{379DA4C6-8C91-4F36-9D25-F08E8959E0DF}" = Poczta usługi Windows Live
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3C60C40A-934A-4008-B68B-E70F58420AA1}" = Windows Live Essentials
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E344FF7-19C8-401C-AF67-080B0E78010D}" = Windows Live Messenger
"{3F3C94C4-C251-4D3B-B810-1C0319B8ACAD}" = Windows Live Temel Parçalar
"{403DF733-3CA6-4EE8-AB9B-CB12C70D6651}" = Windows Live Writer
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{41B80DF0-47D5-46BC-98BD-8B07AD3B6AF4}" = Photo Gallery
"{44B4333A-60A6-4FFC-BCC5-B0ECA23D2AAB}" = Почта Windows Live
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46804E41-834A-4A0A-BC77-D4A744D78E8C}" = Windows Live Essentials
"{46BADE08-F9BE-4365-8B91-11FDCE73FF9D}" = Windows Live Family Safety
"{46BC55A2-B4CE-46B5-8303-A2076B899505}" = Windows Live UX Platform Language Pack
"{47824255-3AD0-400A-851A-FCC69553FE66}" = Windows Live Essentials
"{49C33228-53FB-4614-BC1E-BEA5A8A560AC}" = Windows Live Writer
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BA4C083-1C8D-452F-920B-3614FDA5B7EF}" = Windows Live Writer Resources
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4F4A4FBF-133D-460E-8617-6D48E0A2B4E4}" = Windows Live Writer Resources
"{4FB56489-F34B-42AA-9437-FB9E0B0543F7}" = Movie Maker
"{5086C198-F201-4BAE-B2DA-B0C15A48E9D1}" = Windows Live Family Safety
"{50B9AFE8-CC65-4C04-9ADD-1BD3FFD95498}" = Movie Maker
"{510807D0-219E-43ED-973F-A382FEA66039}" = Movie Maker
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55216D03-5BB4-4421-912A-723364509FA4}" = Windows Live Family Safety
"{566E862A-6CFD-4CFD-A2BB-69C81A08176E}" = Windows Live UX Platform Language Pack
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{57ADCDED-9C85-43D1-97B3-BC961476190F}" = Windows Live Family Safety
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57E9679B-A7D2-4662-A96B-B6A4F64420D8}" = Movie Maker
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5B11ED63-D7E1-4117-B4B8-6C3560DCB49A}" = Windows Live Mail
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}" = Photo Common
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{5F5D8761-EC39-4E52-BD5B-B095275E9B0A}" = Photo Common
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{602643BD-3C18-4ADE-B4A1-192F93D443EA}" = Windows Live UX Platform Language Pack
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide
"{686725C1-56F8-45DE-ADB1-9970B965FD8B}" = Windows Live Writer Resources
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A65306E-0478-4701-9DA5-E906F32FBB54}" = Windows Live Mail
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6BA68C11-0B63-4192-B880-0B5E3F7949F9}" = Windows Live UX Platform Language Pack
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D703E2D-C66A-4FDB-AC5D-5D6CDE50804A}" = Windows Live Messenger
"{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}" = Galeria de Fotografias
"{6E027BEA-AEFF-4AFB-9449-7CE7AE32085D}" = Movie Maker
"{705C31EB-E0AB-4C1F-A834-993F9E08B085}" = Movie Maker
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70E5B14F-90ED-4D3D-A136-7851C9190942}" = Windows Live UX Platform Language Pack
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71603280-2C9D-4578-B162-16FCC1002D9E}" = Windows Live Messenger
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{722CD95C-98C7-4E73-925A-68D2D4F651A6}" = Photo Common
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur 
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{74A3278B-6F1B-4400-9DB4-6F4644836946}" = Photo Common
"{765D66D1-A924-4801-BC22-D0D7E0DDDEAF}" = Windows Live UX Platform Language Pack
"{7693587D-5D66-4208-ABEA-C370217D1D9B}" = Movie Maker
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{780291FE-0D39-441E-BE3D-7A820951C3D4}" = Photo Common
"{7881716A-5DA3-4B3F-A3CC-E63676E5CF78}" = Windows Live Messenger
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DF4802-2B2B-4333-99AF-363C2F93D476}" = Windows Live Writer Resources
"{7A9122B2-CF90-4ACB-8E10-AA83F725916B}" = Основные компоненты Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{7F478575-B004-4511-90E2-E29938398A26}" = Windows Live Family Safety
"{80729AE7-2C32-4E16-9F96-EFD544B5CAC1}" = Windows Live Family Safety
"{809BA3EC-CC03-423F-A684-A9A75A5AF6F9}" = Windows Live Family Safety
"{81369E8E-4E3A-444E-85FA-7AF85B0FCE80}" = Photo Common
"{829CFCB1-11AF-4935-B5B0-92F2B4FC2A46}" = Windows Live Writer Resources
"{82A7E300-CB80-4084-8BB5-423F2D6908B1}" = Windows Live UX Platform Language Pack
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{847E728F-57F9-49FE-8605-71566916EC38}" = Windows Live Mail
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{87BBF2E6-3D26-4C43-B09E-89EA2DEA5217}" = Windows Live Family Safety
"{87E79A55-EBF1-472F-BCAD-4A631B9A69A5}" = Фотогалерия
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8B583EF5-FA7B-4AE2-9008-51B7FD505886}" = VGClientX86
"{8C55FF2F-D9AC-4EBC-8AA2-90E2552634C0}" = Windows Live Writer Resources
"{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}" = Fotótár
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E038DF1-B140-46D6-9D82-1BDF8DC56764}" = Movie Maker
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8E8AA7A0-CB3D-4909-B382-0BE05B3C75D1}" = Windows Live Messenger
"{8EC141DE-D310-4A57-B363-02E00627B3F0}" = Cisco AnyConnect Secure Mobility Client
"{8F63EC89-EBF5-466B-82B3-B9AFF63AF0C8}" = Windows Live Mail
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92CB8532-845F-4818-90CD-726D59E98637}" = Photo Common
"{92E22997-3614-4ED9-9D53-C6C09B105BE9}" = Fotogalleri
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9651BC17-4AFE-4DCD-9370-C1679AE7F20A}" = Windows Live Writer
"{96D1EC47-BD61-4775-B662-1F40EDAF0927}" = Windows Live Mail
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{99B05E60-87AF-48D9-9047-71485E7E505F}" = Windows Live Messenger
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A640C8E-600F-46D2-9175-3A3B5FBBC942}" = Фотоколекція
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9B443DB1-9746-4597-82FF-6DCB16854815}" = Windows Live Family Safety
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9E8C06B8-84AA-48A2-9ADA-693C0B254458}" = Windows Live Family Safety
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A18681FF-9745-436F-A013-6FC1A7F7EC67}" = Windows Live UX Platform Language Pack
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A52DB080-D445-49EB-90D2-03B9CD794511}" = Photo Common
"{A5F3EF0E-38AF-40CE-A4A6-FEA5ADEF27EF}" = Windows Live Mail
"{A774AD11-2856-47E1-93B8-6515A6A70BDE}" = Windows Live Mail
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA806DB1-E882-4834-8102-B5F256BE9A2F}" = Windows Live Essentials
"{AA916C88-E57E-4D7B-8AA8-8761CB0931B8}" = Основи Windows Live
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AD6302CE-4F94-4515-958C-7631360B765A}" = Windows Live Mail
"{ADEB1E6F-1C01-4EEB-A551-8E3F8CD2F35F}" = Windows Live UX Platform Language Pack
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{AEFAF1CC-9688-402B-A3E3-7E8F2043874C}" = Windows Live Writer
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF5F7099-F9B8-4C91-ABA0-AEF9F74EC607}" = Windows Live Writer Resources
"{B07AA732-1529-46F0-85C0-B21FBBF1EE5D}" = Windows Live Family Safety
"{B0C8B706-2387-461B-B3DF-BCE59B96ED0D}" = Windows Live Writer
"{B1865FCC-BE34-4800-AF2F-FB0120821B6A}" = Movie Maker
"{B234C135-729B-4AAE-AA2B-6ECCB85AD5FC}" = Photo Common
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B37E0634-F4EC-4ABC-AC85-B099B7D960C4}" = Windows Live Writer
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B3A6E8D5-3664-43EE-B200-3428A3220A8B}" = Windows Live Messenger
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B47ABA49-627A-440B-A205-CC57A4734476}" = Windows Live Writer
"{B5D81102-EFE5-4A7B-BE60-019E07C1BD93}" = Windows Live Messenger
"{B6481EDC-44A1-43DA-B11A-32B110CFCC3A}" = Windows Live Writer Resources
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B98389D4-5E94-4504-83F0-D727DE67D280}" = Windows Live Messenger
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BBD6A9F7-F8B4-4754-AA7A-0516778DAB72}" = Photo Common
"{BBFCB394-78EB-45D4-BAC6-809AB1DF5F83}" = Windows Live Mail
"{BD12145E-DA08-4D09-91FE-C8D3E8A2D17F}" = Windows Live Family Safety
"{BDD0222F-D1C2-47DB-ABBE-62EB4F887A56}" = Windows Live UX Platform Language Pack
"{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}" = Windows Live UX Platform Language Pack
"{C0018D63-C33C-4515-9CE8-3BC8830F79A1}" = Photo Gallery
"{C10418B5-6099-4121-8DFB-D3DFB8B916DB}" = Movie Maker
"{C156E7D3-D8B1-4303-BE38-99CE675C393D}" = Windows Live Writer
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CE4EEFE0-85E0-436E-95C5-BCB2EE30C976}" = Фотоальбом
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{CFFB460E-F119-43BE-AED9-3E5B31396F72}" = Windows Live Messenger
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D27CDACB-3AB0-45A1-9850-7CFD2A90DA0A}" = Windows Live Family Safety
"{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}" = Windows Live Mail
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D8A6F3FE-6F4A-48B1-87E0-718BC20140AE}" = Windows Live Writer
"{DC7EF3B4-ED66-49E9-B86F-2F119922D553}" = Movie Maker
"{DD1837CE-7CC3-4B86-9007-CEB978A840BF}" = Windows Live Messenger
"{DD351214-3151-4A87-B22F-AE2B58F1575F}" = Windows Live Writer
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13497F0-4C28-47A0-B994-4D5E6D0F64A2}" = Windows Live Mail
"{E169436E-49D8-419B-A5C0-D245EAF99611}" = Movie Maker
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E8006D-3DD9-40DF-9171-1EDE1023E57C}" = Windows Live Mail
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E60B6034-A80D-4D9B-93FB-38B286EB3886}" = Windows Live Writer
"{E65C1718-4467-4E5E-9ADA-B72E6DFAF29F}" = Windows Live UX Platform Language Pack
"{E6A5CD26-26E6-4F8D-AA98-D3DADF70B437}" = Windows Live Writer
"{EC5B21B9-9AC6-4892-9E1B-C98D30AB0395}" = Windows Live UX Platform Language Pack
"{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}" = Windows Live Essentials
"{ECD07D50-05C3-40E6-A10E-A371AC7E4B8A}" = Windows Live Writer
"{EE999A5F-3D40-4475-BBD3-FB867C93D77F}" = Windows Live Essentials
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F077FF52-187F-406C-ABC9-222A693D1883}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F188B46C-A389-4142-9765-1D66459D6929}" = Windows Live Family Safety
"{F1A79BDD-A47F-441B-954D-EE045C379EBB}" = Windows Live Writer Resources
"{F2CEE664-F9A3-4235-A11A-42B15884F4D4}" = Windows Live Mail
"{F2EC7F21-AC7D-430E-AC53-5A40686A6596}" = Windows Live Writer
"{F38BCC33-D42A-44EB-B62F-B3BB89B29FAF}" = Fotogalleriet
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F45E6106-4877-4298-92E7-0948015560C2}" = Windows Liven peruspaketti
"{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}" = Galerie de photos
"{F4DC3E82-471A-4949-A311-7AE803D203E1}" = Windows Live Essentials
"{F5350A47-59EE-4A4C-BDBF-05A17F0B8CEB}" = Windows Live Writer
"{F6A0F860-52EC-45C7-AA57-1AC447B002F3}" = Windows Live Family Safety
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F875E135-31C5-4C4D-929F-D49E6332E7F1}" = Photo Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8B27E21-6CE7-48E6-9D6C-D7241DAC3C9A}" = Windows Liven sähköposti
"{F8D72E78-45FF-4CE3-8441-932F867730A5}" = Windows Live Family Safety
"{F964FB61-334B-470B-AB8E-19DF19FC3CD7}" = Photo Common
"{F9B9F5AA-D604-47A7-9238-22A664DBED16}" = Windows Live Messenger
"{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}" = Podstawowe programy Windows Live
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FA6BC7A5-85B3-4DC2-825C-D508E386151A}" = Raccolta foto
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FBA73805-0F67-428B-8E4F-FAE16A452685}" = Photo Common
"{FC5F20C5-C44E-40DE-927C-4C7D7994912F}" = Windows Live Messenger
"{FC61AFC2-1E8A-4364-B653-A07AC748FFE9}" = Windows Live Mail
"{FCBD5760-450D-4A3B-82B4-FBA2816B49BD}" = Windows Live Messenger
"{FCF46EBE-4637-4A0D-8CE2-C39897A2D7E1}" = Galerie foto
"{FD5C55EA-B850-4EB7-BAD9-07F118E38AB9}" = Windows Live Writer
"{FF2DE2F0-A25E-4AE6-A2E0-056665520F1C}" = Windows Live Essentials
"{FFA96194-06E0-4B30-A0D5-90A257350659}" = Windows Live Writer Resources
"{FFCF82EC-895F-4AC8-925E-3412FE25EF62}" = Windows Live Writer Resources
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MX700 series Benutzerregistrierung" = Canon MX700 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client 
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Ravensburger tiptoi" = Ravensburger tiptoi
"Secunia PSI" = Secunia PSI (3.0.0.7009)
"splashtop" = VAIO Quick Web Access
"VAIO Help and Support" = 
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"VTechDownloadManager" = VTech Download Manager
"WinLiveSuite" = Windows Live Essentials
"Zotero Standalone 4.0.17 (x86 en-US)" = Zotero Standalone 4.0.17 (x86 en-US)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.02.2014 11:25:47 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 14.02.2014 11:25:47 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 14.02.2014 11:25:47 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 14.02.2014 11:25:47 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 14.02.2014 11:26:36 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
 .\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
 Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

 
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
 111 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
 Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

 
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
 57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description:
 WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED 
 
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
 39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
Description:
 WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED 
 
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
 1651 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
 -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

 
Error - 14.02.2014 11:25:03 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute
File:
 .\HostConfigMgr.cpp Line: 1766 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface
Return
 Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 14.02.2014 11:25:23 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
 Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

 
Error - 14.02.2014 11:29:58 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
Error - 14.02.2014 11:29:58 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
Error - 14.02.2014 11:29:58 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
 311 m_pITelemetryPlugin is NULL
 
[ OSession Events ]
Error - 22.04.2013 07:43:12 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1693
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 03.06.2013 10:01:05 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14057
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 03.06.2013 15:24:40 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3128
 seconds with 2400 seconds of active time.  This session ended with a crash.
 
Error - 27.06.2013 04:00:07 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 770
 seconds with 420 seconds of active time.  This session ended with a crash.
 
Error - 04.07.2013 06:48:00 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4946
 seconds with 1020 seconds of active time.  This session ended with a crash.
 
Error - 04.07.2013 07:37:48 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4143
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 15.07.2013 11:02:17 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4251
 seconds with 960 seconds of active time.  This session ended with a crash.
 
Error - 22.07.2013 13:57:52 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 268308
 seconds with 34920 seconds of active time.  This session ended with a crash.
 
Error - 19.11.2013 09:30:26 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4117
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 27.11.2013 06:32:48 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session 
lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 14.02.2014 11:23:22 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 14.02.2014 11:24:02 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 14.02.2014 11:24:02 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 14.02.2014 11:24:02 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 14.02.2014 11:25:50 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 14.02.2014 11:26:20 | Computer Name = Sabine-VAIO | Source = DCOM | ID = 10005
Description = 
 
Error - 14.02.2014 11:26:20 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 14.02.2014 11:26:20 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 14.02.2014 12:20:18 | Computer Name = Sabine-VAIO | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
 
< End of report >

Danke schon mal für Eure Hilfe.

cosinus · 19.02.2014, 23:00

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

tam · 20.02.2014, 18:29

Hallo,

nein, keine weiteren Berichte.

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Sabine (administrator) on SABINE-VAIO on 20-02-2014 11:28:00
Running from C:\Users\Sabine\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Farbar) C:\Users\Sabine\Desktop\FRST64 (2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit]  [X]
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1617116259-3097247958-731268824-1000\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-1617116259-3097247958-731268824-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {43BC01C1-13FB-4588-B33D-A73B9ACCE8B0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {B9BB60E4-803E-4D51-B46D-165E3ADB6371} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\searchplugins\searchplugins-backup
FF Extension: Bitdefender QuickScan - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-09-19]
FF Extension: Webutation - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2013-06-17]
FF Extension: Adblock Plus - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-07-19]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (WOT) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-11]
CHR Extension: (YouTube) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-05]
CHR Extension: (Google-Suche) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-04]
CHR Extension: (Search by Image (by Google)) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-08-23]
CHR Extension: (Zotero Connector) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2013-01-31]
CHR Extension: (AdBlock) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-13]
CHR Extension: (avast! Online Security) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-13]
CHR Extension: (Google Wallet) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [288776 2013-10-16] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [89304 2013-12-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-20 11:28 - 2014-02-20 11:28 - 00024948 _____ () C:\Users\Sabine\Desktop\FRST.txt
2014-02-20 11:27 - 2014-02-20 11:26 - 02153472 _____ (Farbar) C:\Users\Sabine\Desktop\FRST64 (2).exe
2014-02-19 14:14 - 2014-02-19 14:14 - 00000000 ____D () C:\Users\Sabine\AppData\Local\WinZip
2014-02-16 20:08 - 2014-02-16 20:08 - 00124576 _____ () C:\Users\Sabine\Desktop\Extras.Txt
2014-02-14 16:27 - 2014-02-20 11:20 - 00227626 _____ () C:\Windows\WindowsUpdate.log
2014-02-14 16:24 - 2014-02-20 11:19 - 00000224 _____ () C:\Windows\setupact.log
2014-02-14 16:24 - 2014-02-14 16:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-13 13:56 - 2014-02-20 11:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 13:56 - 2014-02-13 13:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-13 13:56 - 2014-02-13 13:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-13 11:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 11:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 11:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 11:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 11:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 11:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 11:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 11:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 11:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 11:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 11:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 11:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 11:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 11:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 11:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 11:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 11:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 11:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 11:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 11:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 11:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 11:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 11:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 11:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 11:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 11:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 11:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 11:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 11:01 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 11:01 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 11:01 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 11:01 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 11:01 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 11:01 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 11:01 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 11:01 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 11:01 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 11:01 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 11:01 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 11:01 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 11:01 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 08:39 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 08:39 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 08:39 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 08:39 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 08:39 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 08:39 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 08:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 08:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 08:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 08:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 08:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 08:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 08:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 08:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 08:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 20:23 - 2014-02-09 20:23 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_09
2014-01-27 10:01 - 2014-01-27 10:01 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-27 10:01 - 2014-01-27 10:01 - 00000000 ____D () C:\Program Files (x86)\Adobe

==================== One Month Modified Files and Folders =======

2014-02-20 11:28 - 2014-02-20 11:28 - 00024948 _____ () C:\Users\Sabine\Desktop\FRST.txt
2014-02-20 11:28 - 2013-09-21 20:53 - 00000000 ____D () C:\FRST
2014-02-20 11:26 - 2014-02-20 11:27 - 02153472 _____ (Farbar) C:\Users\Sabine\Desktop\FRST64 (2).exe
2014-02-20 11:20 - 2014-02-14 16:27 - 00227626 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 11:20 - 2012-11-04 17:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 11:19 - 2014-02-14 16:24 - 00000224 _____ () C:\Windows\setupact.log
2014-02-20 11:19 - 2014-02-13 13:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 11:19 - 2012-11-04 17:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 00:26 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 00:26 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 00:19 - 2011-09-06 04:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 00:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 14:14 - 2014-02-19 14:14 - 00000000 ____D () C:\Users\Sabine\AppData\Local\WinZip
2014-02-18 20:45 - 2011-12-24 20:22 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{13988B50-5709-4532-8A9A-E1497C51ED45}
2014-02-18 20:21 - 2011-09-06 14:17 - 00963126 _____ () C:\Windows\system32\perfh007.dat
2014-02-18 20:21 - 2011-09-06 14:17 - 00233382 _____ () C:\Windows\system32\perfc007.dat
2014-02-18 20:21 - 2009-07-14 06:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 18:53 - 2013-06-14 20:15 - 00001694 _____ () C:\Windows\Sandboxie.ini
2014-02-18 13:10 - 2010-01-27 17:45 - 00000000 ____D () C:\Users\Sabine\Documents\Sabine
2014-02-17 11:05 - 2013-07-22 19:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 11:00 - 2012-01-18 17:58 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 20:08 - 2014-02-16 20:08 - 00124576 _____ () C:\Users\Sabine\Desktop\Extras.Txt
2014-02-14 16:24 - 2014-02-14 16:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-14 14:40 - 2012-12-20 20:06 - 00000000 ____D () C:\Windows\Minidump
2014-02-14 14:40 - 2012-05-22 15:16 - 00000000 ____D () C:\Users\Sabine\AppData\Local\CrashDumps
2014-02-14 13:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-13 18:19 - 2013-06-23 16:50 - 00000000 ____D () C:\Program Files (x86)\MathType
2014-02-13 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 13:56 - 2014-02-13 13:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-13 13:56 - 2014-02-13 13:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-13 13:56 - 2013-10-14 18:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-13 08:39 - 2012-11-04 17:58 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 08:39 - 2012-11-04 17:58 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 20:23 - 2014-02-09 20:23 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_09
2014-02-06 13:16 - 2014-02-13 11:02 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 11:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 11:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 11:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 11:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 11:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 11:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 11:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 11:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 11:01 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 11:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 11:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 11:01 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 11:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 11:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:57 - 2014-02-13 11:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:52 - 2014-02-13 11:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 11:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 11:01 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 11:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 11:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 11:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 11:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-13 11:01 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-13 11:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 11:01 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 11:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 11:01 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 11:01 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 11:01 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 11:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 11:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 11:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 11:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-27 13:29 - 2012-01-18 19:27 - 00000000 ____D () C:\Users\Sabine\AppData\Local\Adobe
2014-01-27 10:01 - 2014-01-27 10:01 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-27 10:01 - 2014-01-27 10:01 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-27 10:01 - 2011-09-06 05:01 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-24 14:35 - 2011-12-24 20:21 - 00000000 ___RD () C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 14:35 - 2011-12-24 20:18 - 00000000 ____D () C:\Windows\pss
2014-01-24 14:31 - 2012-09-17 09:44 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-24 14:31 - 2012-09-17 09:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-24 14:20 - 2013-03-18 20:40 - 00000000 ___RD () C:\Users\Sabine\Dropbox
2014-01-24 14:20 - 2013-03-18 20:38 - 00000000 ____D () C:\Users\Sabine\AppData\Roaming\Dropbox
2014-01-24 13:10 - 2013-09-20 21:30 - 00000000 ____D () C:\AdwCleaner
2014-01-24 12:56 - 2012-01-23 13:18 - 00000000 ____D () C:\ProgramData\DivX
2014-01-24 12:56 - 2012-01-23 13:18 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-01-22 11:39 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Sabine\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 00:02

==================== End Of Log ============================

--- --- ---

cosinus · 21.02.2014, 10:44

Die additions.txt von FRST fehlt, bitte nachreichen

tam · 21.02.2014, 13:33

ups...sry

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2014
Ran by Sabine at 2014-02-21 13:29:43
Running from C:\Users\Sabine\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (x32 Version: 3.0 - Atheros)
Avira Free Antivirus (x32 Version: 14.0.3.338 - Avira)
Bing Bar (x32 Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (Version: 7.3.0.100 - Atheros Communications)
Canon IJ Network Scan Utility (x32 Version:  - )
Canon IJ Network Tool (x32 Version:  - )
Canon MP Navigator EX 1.0 (x32 Version:  - )
Canon MX700 series (Version:  - )
Canon MX700 series Benutzerregistrierung (x32 Version:  - )
Canon My Printer (Version:  - )
Canon Utilities Easy-PhotoPrint EX (x32 Version:  - )
Canon Utilities Solution Menu (x32 Version:  - )
CCleaner (Version: 4.10 - Piriform)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.04063 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Hidden
Conexant HD Audio (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (x32 Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
FileHippo.com Update Checker (x32 Version:  - )
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Drive (x32 Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1 - Microsoft Corporation)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0 - Nokia)
Nokia Suite (x32 Version: 3.8.30.0 - Nokia)
Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden
NVIDIA 3D Vision Treiber 268.31 (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6831 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.31 (Version: 268.31 - NVIDIA Corporation) Hidden
PC Connectivity Solution (x32 Version: 12.0.109.0 - Nokia)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PMB (x32 Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Presto! PageManager 7.15.16 (x32 Version: 7.15.16 - NewSoft Technology Corporation)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ravensburger tiptoi (x32 Version:  - )
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Sandboxie 4.06 (64-bit) (Version: 4.06 - Sandboxie Holdings, LLC)
ScanSoft OmniPage SE 4 (x32 Version: 15.2.0020 - Nuance Communications, Inc.)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009 - Secunia)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (x32 Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (x32 Version:  - )
VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (x32 Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (x32 Version: 6.3.0.08010 - Sony Corporation)
VAIO-Handbuch (x32 Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (x32 Version: 1.4.0.14230 - Sony Corporation)
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (x32 Version:  - VTech)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Корпорація Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
Zotero Standalone 4.0.17 (x86 en-US) (x32 Version: 4.0.17 - Zotero)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

19-02-2014 23:49:19 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-22 11:39 - 00002745 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.


==================== Scheduled Tasks (whitelisted) =============

Task: {03B8DA93-AE6F-4E0C-A285-CC3DE9E7C60A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {11339038-C2BD-4800-9162-19F88F6D04B1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {281E9BE7-CE29-4125-A277-99C5B6676D32} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {2B509FD7-2DB0-4B29-989F-8B626AF5BD8E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2E3A6530-3175-40CF-89C3-FADB0887DF3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {3163C5DA-2145-4BBF-9B2E-900D57BC4796} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {32528F0C-399C-447F-A775-B97D86FC5087} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {5BB5A8D1-0529-4B63-A57F-F8ADDDDCF8E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67B3C897-4F79-4049-B8DE-20DC52353D07} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {7525CCBF-1BA3-421A-82C0-DC97F566BEE8} - System32\Tasks\{E8CCB595-1E85-47C4-A5C0-F8E5BAD7C29B} => C:\Windows\SysWOW64\javaws.exe [2013-06-25] (Oracle Corporation)
Task: {7E42E504-1E47-4B5D-9760-37341EBA04CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-13] (Adobe Systems Incorporated)
Task: {89EF5549-4FBA-40B8-B70F-7FC33786A43D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {9A322062-10ED-4A79-8107-9717CF8F1B63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {A8B595A2-C5E0-4405-8337-9B25491C94AC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {AC2CCE31-7C53-494D-B44A-5C4C79C055DA} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {AD61BA17-CCD0-42B9-AED1-980A79C60F79} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Sabine => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {B34780D3-789E-440C-B436-2C2EC7BCA41B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {B42474D4-FD56-4B64-8794-E3D11094ED24} - System32\Tasks\{0268A0BD-DA1B-4202-88A8-20E67EE69854} => C:\Windows\System32\javaws.exe [2013-10-19] (Oracle Corporation)
Task: {C0DB010B-DDC0-41AF-87B6-4B41314E6F1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {ECE1E48A-BB0A-400C-A508-2E50A8A5B603} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {F0C94BA6-D6BC-4DCD-8A5E-D6F030F44C5C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {F259F9EB-EBBC-4924-BE79-525FCF2E4C11} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {F5A1D460-DAE5-441F-8025-EE610E8B4F5D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {F8D7745C-DC35-45B7-914D-850CB57DA8DF} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-12 10:04 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
2013-07-12 10:04 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2012-08-06 13:27 - 2012-08-06 13:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 13:27 - 2012-08-06 13:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-07-19 17:30 - 2013-07-19 17:30 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-06-12 07:24 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-06 04:48 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2014-02-13 12:02 - 2014-02-13 12:02 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-09-06 04:33 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-03 19:41 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 19:41 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 19:41 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 19:41 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 19:41 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-03 19:41 - 2014-02-02 00:42 - 13616456 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sabine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ccleaner => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Canon MX700 ser Network
Description: Canon MX700 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2014 00:15:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2014 00:20:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 08:21:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/18/2014 08:21:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/18/2014 08:21:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/17/2014 04:17:21 PM) (Source: SampleCollector) (User: )
Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (02/14/2014 04:26:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 04:25:50 PM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2014 04:25:50 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2014 04:25:50 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (02/20/2014 06:20:43 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/20/2014 03:15:53 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/20/2014 03:15:49 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (02/20/2014 03:15:49 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (02/20/2014 00:10:16 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/20/2014 11:19:02 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/20/2014 06:52:24 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/20/2014 00:48:22 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (02/20/2014 00:42:46 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (02/19/2014 08:26:28 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


Microsoft Office Sessions:
=========================
Error: (11/27/2013 11:32:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/19/2013 02:30:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4117 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/22/2013 06:57:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 268308 seconds with 34920 seconds of active time.  This session ended with a crash.

Error: (07/15/2013 04:02:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4251 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (07/04/2013 00:37:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4143 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (07/04/2013 11:48:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4946 seconds with 1020 seconds of active time.  This session ended with a crash.

Error: (06/27/2013 09:00:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 770 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (06/03/2013 08:24:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3128 seconds with 2400 seconds of active time.  This session ended with a crash.

Error: (06/03/2013 03:01:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14057 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (04/22/2013 00:43:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1693 seconds with 120 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-02-13 18:19:24.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 17:47:59.798
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 15:58:49.469
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 14:49:46.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 14:01:20.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 13:54:32.901
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 08:30:39.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 21:04:24.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 20:12:39.620
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 19:39:27.554
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 66%
Total physical RAM: 4077.86 MB
Available physical RAM: 1357.02 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4690.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:582.06 GB) (Free:470.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 63B28608)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 21.02.2014, 15:27

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

tam · 22.02.2014, 16:08

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.22.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Sabine :: SABINE-VAIO [administrator]

22.02.2014 15:39:11
mbar-log-2014-02-22 (15-39-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 303797
Time elapsed: 24 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 22.02.2014, 16:13

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

tam · 26.02.2014, 11:49

sorry, kam die letzten Tage nicht dazu...
hier erstmal der Adw-Bericht:

Code:

ATTFilter

# AdwCleaner v3.019 - Bericht erstellt am 26/02/2014 um 11:21:19
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sabine - SABINE-VAIO
# Gestartet von : C:\Users\Sabine\Desktop\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Sabine\AppData\LocalLow\boost_interprocess

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\Software\caphyon

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v26.0 (en-US)

[ Datei : C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ Datei : C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2655 octets] - [20/09/2013 21:31:02]
AdwCleaner[R1].txt - [2715 octets] - [21/09/2013 21:04:56]
AdwCleaner[R2].txt - [11787 octets] - [12/11/2013 19:18:22]
AdwCleaner[R3].txt - [1704 octets] - [16/12/2013 23:11:13]
AdwCleaner[R4].txt - [1547 octets] - [17/12/2013 13:26:46]
AdwCleaner[R5].txt - [2064 octets] - [24/01/2014 13:09:17]
AdwCleaner[R6].txt - [1898 octets] - [26/02/2014 11:19:28]
AdwCleaner[S0].txt - [2684 octets] - [21/09/2013 21:05:54]
AdwCleaner[S1].txt - [11803 octets] - [12/11/2013 19:45:28]
AdwCleaner[S2].txt - [1717 octets] - [16/12/2013 23:12:35]
AdwCleaner[S3].txt - [1608 octets] - [17/12/2013 13:29:26]
AdwCleaner[S4].txt - [2033 octets] - [24/01/2014 13:10:28]
AdwCleaner[S5].txt - [1821 octets] - [26/02/2014 11:21:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1881 octets] ##########

am Rest bin ich noch dran

hier Junkware-Bericht

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sabine on 26.02.2014 at 11:29:24,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.02.2014 at 11:37:12,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

der Rest

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014
Ran by Sabine (administrator) on SABINE-VAIO on 26-02-2014 11:45:43
Running from C:\Users\Sabine\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sabine\Desktop\Downloads\FRST64 (3).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit]  [X]
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1617116259-3097247958-731268824-1000\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-1617116259-3097247958-731268824-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {43BC01C1-13FB-4588-B33D-A73B9ACCE8B0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {B9BB60E4-803E-4D51-B46D-165E3ADB6371} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\searchplugins\searchplugins-backup
FF Extension: Bitdefender QuickScan - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-09-19]
FF Extension: Webutation - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2013-06-17]
FF Extension: Adblock Plus - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-07-19]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (WOT) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-11]
CHR Extension: (YouTube) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-05]
CHR Extension: (Google-Suche) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-04]
CHR Extension: (Search by Image (by Google)) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-08-23]
CHR Extension: (Zotero Connector) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2013-01-31]
CHR Extension: (AdBlock) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-13]
CHR Extension: (avast! Online Security) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-13]
CHR Extension: (Google Wallet) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [288776 2013-10-16] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [89304 2013-12-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 11:37 - 2014-02-26 11:37 - 00000626 _____ () C:\Users\Sabine\Desktop\JRT.txt
2014-02-26 11:27 - 2014-02-26 11:27 - 01037734 _____ (Thisisu) C:\Users\Sabine\Desktop\JRT.exe
2014-02-26 11:22 - 2014-02-26 11:22 - 00191400 _____ () C:\Windows\PFRO.log
2014-02-26 11:18 - 2014-02-26 11:18 - 01241834 _____ () C:\Users\Sabine\Desktop\adwcleaner (1).exe
2014-02-26 10:21 - 2014-02-26 10:21 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_26
2014-02-22 15:39 - 2014-02-22 15:39 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-21 20:12 - 2014-02-21 20:12 - 00000000 ____D () C:\Users\Sabine\Desktop\Rootkit
2014-02-21 20:11 - 2014-02-21 20:08 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sabine\Desktop\mbar-1.07.0.1009.exe
2014-02-21 13:28 - 2014-02-21 13:28 - 00000000 ____D () C:\Users\Sabine\Desktop\FRST-OlderVersion
2014-02-19 14:14 - 2014-02-19 14:14 - 00000000 ____D () C:\Users\Sabine\AppData\Local\WinZip
2014-02-14 16:27 - 2014-02-26 11:27 - 00583128 _____ () C:\Windows\WindowsUpdate.log
2014-02-14 16:24 - 2014-02-26 11:23 - 00002379 _____ () C:\Windows\setupact.log
2014-02-14 16:24 - 2014-02-14 16:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-13 13:56 - 2014-02-26 11:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 13:56 - 2014-02-21 16:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-13 13:56 - 2014-02-21 16:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-13 11:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 11:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 11:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 11:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 11:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 11:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 11:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 11:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 11:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 11:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 11:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 11:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 11:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 11:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 11:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 11:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 11:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 11:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 11:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 11:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 11:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 11:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 11:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 11:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 11:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 11:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 11:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 11:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 11:01 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 11:01 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 11:01 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 11:01 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 11:01 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 11:01 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 11:01 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 11:01 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 11:01 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 11:01 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 11:01 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 11:01 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 11:01 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 08:39 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 08:39 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 08:39 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 08:39 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 08:39 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 08:39 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 08:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 08:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 08:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 08:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 08:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 08:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 08:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 08:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 08:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 08:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 08:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 08:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 08:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 20:23 - 2014-02-09 20:23 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_09
2014-01-27 10:01 - 2014-01-27 10:01 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-27 10:01 - 2014-01-27 10:01 - 00000000 ____D () C:\Program Files (x86)\Adobe

==================== One Month Modified Files and Folders =======

2014-02-26 11:45 - 2013-09-21 20:53 - 00000000 ____D () C:\FRST
2014-02-26 11:44 - 2012-11-04 17:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 11:41 - 2014-02-13 13:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 11:37 - 2014-02-26 11:37 - 00000626 _____ () C:\Users\Sabine\Desktop\JRT.txt
2014-02-26 11:31 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:31 - 2009-07-14 05:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:27 - 2014-02-26 11:27 - 01037734 _____ (Thisisu) C:\Users\Sabine\Desktop\JRT.exe
2014-02-26 11:27 - 2014-02-14 16:27 - 00583128 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 11:26 - 2011-12-24 20:22 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{13988B50-5709-4532-8A9A-E1497C51ED45}
2014-02-26 11:23 - 2014-02-14 16:24 - 00002379 _____ () C:\Windows\setupact.log
2014-02-26 11:23 - 2012-11-04 17:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 11:23 - 2011-09-06 04:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-26 11:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 11:22 - 2014-02-26 11:22 - 00191400 _____ () C:\Windows\PFRO.log
2014-02-26 11:21 - 2013-09-20 21:30 - 00000000 ____D () C:\AdwCleaner
2014-02-26 11:18 - 2014-02-26 11:18 - 01241834 _____ () C:\Users\Sabine\Desktop\adwcleaner (1).exe
2014-02-26 10:21 - 2014-02-26 10:21 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_26
2014-02-26 10:19 - 2011-09-06 14:17 - 00977918 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 10:19 - 2011-09-06 14:17 - 00238118 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 10:19 - 2009-07-14 06:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 08:32 - 2013-06-14 20:15 - 00001694 _____ () C:\Windows\Sandboxie.ini
2014-02-22 16:04 - 2013-12-17 13:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-22 15:39 - 2014-02-22 15:39 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-21 20:28 - 2013-12-28 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-21 20:12 - 2014-02-21 20:12 - 00000000 ____D () C:\Users\Sabine\Desktop\Rootkit
2014-02-21 20:08 - 2014-02-21 20:11 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sabine\Desktop\mbar-1.07.0.1009.exe
2014-02-21 16:41 - 2014-02-13 13:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 16:41 - 2014-02-13 13:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 16:41 - 2013-10-14 18:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 13:28 - 2014-02-21 13:28 - 00000000 ____D () C:\Users\Sabine\Desktop\FRST-OlderVersion
2014-02-20 12:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-19 14:14 - 2014-02-19 14:14 - 00000000 ____D () C:\Users\Sabine\AppData\Local\WinZip
2014-02-18 13:10 - 2010-01-27 17:45 - 00000000 ____D () C:\Users\Sabine\Documents\Sabine
2014-02-17 11:05 - 2013-07-22 19:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 11:00 - 2012-01-18 17:58 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 16:24 - 2014-02-14 16:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-14 14:40 - 2012-12-20 20:06 - 00000000 ____D () C:\Windows\Minidump
2014-02-14 14:40 - 2012-05-22 15:16 - 00000000 ____D () C:\Users\Sabine\AppData\Local\CrashDumps
2014-02-13 18:19 - 2013-06-23 16:50 - 00000000 ____D () C:\Program Files (x86)\MathType
2014-02-13 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 08:39 - 2012-11-04 17:58 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 08:39 - 2012-11-04 17:58 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 20:23 - 2014-02-09 20:23 - 00000000 ____D () C:\Users\Sabine\Desktop\2014_02_09
2014-02-06 13:16 - 2014-02-13 11:02 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 11:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 11:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 11:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 11:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 11:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 11:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 11:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 11:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 11:01 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 11:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 11:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 11:01 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 11:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 11:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:57 - 2014-02-13 11:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:52 - 2014-02-13 11:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 11:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 11:01 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 11:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 11:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 11:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 11:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-13 11:01 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-13 11:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 11:01 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 11:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 11:01 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 11:01 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 11:01 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 11:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 11:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 11:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 11:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-27 13:29 - 2012-01-18 19:27 - 00000000 ____D () C:\Users\Sabine\AppData\Local\Adobe
2014-01-27 10:01 - 2014-01-27 10:01 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-27 10:01 - 2014-01-27 10:01 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-27 10:01 - 2011-09-06 05:01 - 00000000 ____D () C:\ProgramData\Adobe

Some content of TEMP:
====================
C:\Users\Sabine\AppData\Local\Temp\avgnt.exe
C:\Users\Sabine\AppData\Local\Temp\Quarantine.exe
C:\Users\Sabine\AppData\Local\Temp\SandboxieInstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 00:02

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2014
Ran by Sabine at 2014-02-26 11:46:46
Running from C:\Users\Sabine\Desktop\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MX700 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series) (Version:  - )
Canon MX700 series Benutzerregistrierung (HKLM-x32\...\Canon MX700 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04063 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063 - Cisco Systems, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden
NVIDIA 3D Vision Treiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.31 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6831 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.31 (Version: 268.31 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Корпорація Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
Zotero Standalone 4.0.17 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.17 (x86 en-US)) (Version: 4.0.17 - Zotero)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-22 11:39 - 00002745 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
134.96.3.187	asa2.uni-saarland.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.


==================== Scheduled Tasks (whitelisted) =============

Task: {03B8DA93-AE6F-4E0C-A285-CC3DE9E7C60A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {11339038-C2BD-4800-9162-19F88F6D04B1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {281E9BE7-CE29-4125-A277-99C5B6676D32} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {2B509FD7-2DB0-4B29-989F-8B626AF5BD8E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2E3A6530-3175-40CF-89C3-FADB0887DF3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {3163C5DA-2145-4BBF-9B2E-900D57BC4796} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {32528F0C-399C-447F-A775-B97D86FC5087} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {5BB5A8D1-0529-4B63-A57F-F8ADDDDCF8E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67B3C897-4F79-4049-B8DE-20DC52353D07} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {7525CCBF-1BA3-421A-82C0-DC97F566BEE8} - System32\Tasks\{E8CCB595-1E85-47C4-A5C0-F8E5BAD7C29B} => C:\Windows\SysWOW64\javaws.exe [2013-06-25] (Oracle Corporation)
Task: {7E42E504-1E47-4B5D-9760-37341EBA04CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {89EF5549-4FBA-40B8-B70F-7FC33786A43D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {8AFD667B-F1FE-455C-9CEE-CCB503EFF5A9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {9A322062-10ED-4A79-8107-9717CF8F1B63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {AC2CCE31-7C53-494D-B44A-5C4C79C055DA} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {AD61BA17-CCD0-42B9-AED1-980A79C60F79} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Sabine => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {B34780D3-789E-440C-B436-2C2EC7BCA41B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {B42474D4-FD56-4B64-8794-E3D11094ED24} - System32\Tasks\{0268A0BD-DA1B-4202-88A8-20E67EE69854} => C:\Windows\System32\javaws.exe [2013-10-19] (Oracle Corporation)
Task: {C0DB010B-DDC0-41AF-87B6-4B41314E6F1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {ECE1E48A-BB0A-400C-A508-2E50A8A5B603} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {F0C94BA6-D6BC-4DCD-8A5E-D6F030F44C5C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {F259F9EB-EBBC-4924-BE79-525FCF2E4C11} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {F5A1D460-DAE5-441F-8025-EE610E8B4F5D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {F8D7745C-DC35-45B7-914D-850CB57DA8DF} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-12 10:04 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
2013-07-12 10:04 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2012-08-06 13:27 - 2012-08-06 13:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 13:27 - 2012-08-06 13:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-07-19 17:30 - 2013-07-19 17:30 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-06-12 07:24 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-06 04:48 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2014-02-13 12:02 - 2014-02-13 12:02 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-09-06 04:33 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-21 14:50 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-21 14:50 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-21 14:50 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-21 14:50 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 14:50 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 14:50 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sabine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ccleaner => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Canon MX700 ser Network
Description: Canon MX700 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (11/27/2013 11:32:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/19/2013 02:30:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4117 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/22/2013 06:57:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 268308 seconds with 34920 seconds of active time.  This session ended with a crash.

Error: (07/15/2013 04:02:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4251 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (07/04/2013 00:37:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4143 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (07/04/2013 11:48:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4946 seconds with 1020 seconds of active time.  This session ended with a crash.

Error: (06/27/2013 09:00:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 770 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (06/03/2013 08:24:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3128 seconds with 2400 seconds of active time.  This session ended with a crash.

Error: (06/03/2013 03:01:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14057 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (04/22/2013 00:43:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1693 seconds with 120 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-02-13 18:19:24.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 17:47:59.798
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 15:58:49.469
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 14:49:46.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 14:01:20.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 13:54:32.901
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-13 08:30:39.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 21:04:24.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 20:12:39.620
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 19:39:27.554
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 4077.86 MB
Available physical RAM: 2020.96 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5383 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:582.06 GB) (Free:471.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 63B28608)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

cosinus · 26.02.2014, 14:06

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

tam · 08.03.2014, 22:49

Malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.08.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Sabine :: SABINE-VAIO [Administrator]

08.03.2014 22:39:23
mbam-log-2014-03-08 (22-39-23).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 280853
Laufzeit: 8 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Users\Sabine\AppData\Local\Temp\nscDAC0.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsl6C9.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsm5126.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsm551D.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsm68EC.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsr38E.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsrFFE5.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sabine\AppData\Local\Temp\nsbA3D0\SpSetup.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus · 09.03.2014, 00:57

Nur Blödsinn in TMP

warten wir mal auf ESET

tam · 09.03.2014, 11:39

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a439d829de214a4d846f5d6bcf87c572
# engine=17370
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-09 10:12:47
# local_time=2014-03-09 11:12:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=1799 16775165 100 96 48072 259783257 50761 0
# compatibility_mode=5893 16776573 100 94 118683 145989817 0 0
# scanned=170733
# found=0
# cleaned=0
# scan_time=41788

cosinus · 09.03.2014, 14:45

TFC - Temp File Cleaner

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

21.02.2014, 10:44	#5
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Notebook wird immer langsam - etwas eingefangen? Die additions.txt von FRST fehlt, bitte nachreichen __________________ Logfiles bitte immer in CODE-Tags posten

09.03.2014, 00:57	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Notebook wird immer langsam - etwas eingefangen? Nur Blödsinn in TMP warten wir mal auf ESET __________________ Logfiles bitte immer in CODE-Tags posten

Notebook wird immer langsam - etwas eingefangen?

Plagegeister aller Art und deren Bekämpfung: Notebook wird immer langsam - etwas eingefangen?