Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.05.2014, 20:30   #1
sunny0510
 
Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Hallo,

ich habe seit einigen Tagen ziemliche Problemem mit meinem Internet Browser (Firefox).
Ich werde ständig auf eine fremde Seite umgeleitet, vor allem auf die Website:

lpcloudbox33.com

Mein Betriebssystem ist Windows 8 und ich nutze Norton als Antivirusprogramm. Einen Virus finden konnte das Programm allerdings leider nicht.

Ich hoff ihr könnt mir hier weiter helfen.
Liebe Grüße und vielen Dank
Sunny


FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Christine (administrator) on VAIO-CHRISSI on 19-05-2014 21:04:47
Running from C:\Users\Christine\Downloads
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
() C:\Users\Christine\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1336083287-4292209160-2259122146-1001\...\RunOnce: [Application Restart #0] - C:\Users\CHRIST~1\AppData\Local\Temp\\Creative Cloud Helper.exe [346000 2014-03-09] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {713B281A-EADF-4580-B77A-4F002749D476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {713B281A-EADF-4580-B77A-4F002749D476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKCU - {B3B16346-CA14-409A-8609-928D26EA9672} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\wrz5x26t.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: Adobe Reader - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-05] (Sony Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140515.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140519.003\ENG64.SYS [126040 2014-01-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140519.003\EX64.SYS [2099288 2014-01-23] (Symantec Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-19 21:04 - 2014-05-19 21:05 - 00020112 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:04 - 2014-05-19 21:04 - 00000000 ____D () C:\FRST
2014-05-19 21:03 - 2014-05-19 21:04 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-17 18:26 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-17 18:26 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-17 18:26 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-16 23:20 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 23:20 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 23:20 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 23:20 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 23:20 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 23:20 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 23:20 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-16 23:20 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 23:20 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 23:20 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 23:20 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 23:20 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 23:20 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 23:20 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 23:20 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 23:20 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-16 23:19 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-16 23:19 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-16 23:19 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-16 23:19 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-16 23:19 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-16 23:19 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 17:18 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 17:18 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 17:18 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2014-05-04 10:41 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:37 - 2014-02-14 14:02 - 03867224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-04 10:37 - 2014-02-14 10:48 - 00945880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-04 10:37 - 2014-02-14 10:36 - 54936576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-04 10:37 - 2014-02-13 09:48 - 00747989 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-04 10:37 - 2014-02-06 08:19 - 02787544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-04 10:37 - 2014-02-06 05:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-05-04 10:37 - 2014-02-03 18:45 - 14737496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01932888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-04 10:37 - 2014-01-31 11:23 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-05-04 10:37 - 2014-01-31 11:22 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-05-04 10:37 - 2014-01-28 05:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00899320 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 01045752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 00245496 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-05-04 10:37 - 2014-01-03 10:02 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-04 10:37 - 2013-12-31 05:16 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-04 10:37 - 2013-12-27 08:58 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-04 10:37 - 2013-12-04 10:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-04 10:37 - 2013-10-15 21:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-04 10:37 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-05-04 10:37 - 2013-10-01 11:11 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-05-04 10:37 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-05-04 10:37 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-04-22 22:11 - 2014-04-22 22:11 - 00000000 ____D () C:\Users\dub_cm_auto

==================== One Month Modified Files and Folders =======

2014-05-19 21:05 - 2014-05-19 21:04 - 00020112 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:04 - 2014-05-19 21:04 - 00000000 ____D () C:\FRST
2014-05-19 21:04 - 2014-05-19 21:03 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:02 - 2013-12-25 17:25 - 00000000 ____D () C:\Users\Christine
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-19 20:54 - 2013-08-04 08:52 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-19 20:54 - 2013-08-04 08:52 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-19 20:54 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-19 20:54 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 20:53 - 2014-03-06 19:26 - 00000000 ____D () C:\Users\Christine\Documents\Full Moon
2014-05-19 20:52 - 2014-02-28 20:26 - 00000000 ____D () C:\Users\Christine\Documents\Rezepte
2014-05-19 20:30 - 2013-12-25 17:47 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1336083287-4292209160-2259122146-1001
2014-05-19 20:19 - 2014-02-22 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 07:57 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 00:22 - 2012-07-26 07:26 - 01572864 ___SH () C:\Windows\system32\config\BBI
2014-05-19 00:16 - 2013-12-28 00:31 - 00000000 ____D () C:\Users\Christine\AppData\Local\Adobe
2014-05-19 00:16 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-19 00:13 - 2013-12-27 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-19 00:11 - 2013-08-04 08:02 - 01804238 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 00:07 - 2013-12-27 22:20 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-18 11:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-18 11:32 - 2013-12-28 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 11:29 - 2013-12-28 00:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-17 08:58 - 2014-02-12 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:40 - 2013-12-25 17:33 - 00000000 ____D () C:\Update
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-13 21:19 - 2014-02-22 15:54 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 11:18 - 2013-12-25 17:26 - 00000000 ____D () C:\Users\Christine\AppData\Local\Packages
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 07:14 - 2014-05-16 23:20 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 23:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:48 - 2014-03-17 21:34 - 00006520 _____ () C:\Windows\PFRO.log
2014-05-04 10:54 - 2014-03-06 21:49 - 00000000 ____D () C:\Users\Christine\AppData\Local\CrashDumps
2014-05-04 10:46 - 2013-08-04 08:57 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-04 10:46 - 2013-08-04 08:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2013-08-04 08:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-04 10:41 - 2014-05-04 10:43 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:38 - 2014-03-09 22:35 - 00000898 _____ () C:\Windows\setupact.log
2014-05-04 10:38 - 2013-08-04 08:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-01 22:37 - 2013-12-31 13:41 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-12-31 13:41 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 11:08 - 2014-01-30 19:52 - 00119928 _____ () C:\Users\Christine\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 22:11 - 2014-04-22 22:11 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-19 11:39 - 2014-05-06 17:18 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 17:18 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 17:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 17:18 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 17:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

Some content of TEMP:
====================
C:\Users\Christine\AppData\Local\Temp\Creative Cloud Helper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-16 23:20] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-17 08:51

==================== End Of Log ============================
         
--- --- ---


Addition.txt

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Christine at 2014-05-19 21:05:26
Running from C:\Users\Christine\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6201.52 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.0.1.003 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (Version: 1.0.1.003 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================

30-04-2014 22:11:23 Windows Update
04-05-2014 08:43:09 Entfernt VAIO Easy Connect
12-05-2014 12:26:09 Geplanter Prüfpunkt
17-05-2014 06:51:40 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {086ACB1D-AC87-459E-AE16-70CC47BCCF8C} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088FBD0B-FFBE-418A-93D2-C68559408269} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {10BAA8E1-7AED-4369-85C5-FDBCEA275315} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {111ACA69-E4BB-41EE-9858-85BAB4483F91} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {13D78AD3-E0AB-4A4F-878C-47C10A1422C8} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2633E1B9-1A82-4169-AE3D-FD73342324F5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2B0E040E-8CFB-4400-B3F6-06CB0135E743} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {302E8FD9-93CC-4EA8-ADFA-EC43313DF0F3} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {348733DD-DD7F-47A1-A381-94FE4C23ED76} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {3565CB6F-1BB2-4322-9EE7-8C9C2D72C9D2} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {38113F08-636E-43F5-8812-54E57E2FA1D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {3EF95FF3-70A7-4D07-B250-1029DDABD518} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {49FCEF6D-0A03-4628-ADA2-7BA18F829E40} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {4C685685-3E36-4F7E-83B6-3DB550DECB43} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {526F0BCE-92A9-4BDB-9A63-60F2B9ED4595} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6B6C130B-E16C-4A9F-BEEB-86636560C838} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {860B093C-D8F0-4C47-9723-B7E115C8FA21} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {93EEA570-7B05-4A0B-A04F-4A3990C33AF0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {962E9499-30AF-4A72-8730-4D6D9B8978E3} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9F53E4F6-BE13-4684-BBA8-687520E6E157} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE00C1C4-E945-4DE7-8668-29CE02FBE7B5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {B4A1A59C-4B24-4997-B11C-13FFB4A81212} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-christine-hilche@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {B8BF51C6-0126-45C0-890C-ADF36251790F} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CCCDA86B-7C33-494D-8573-9F0F5DD74304} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {D44F453E-8BBE-48F4-8B5F-41CA48A3D194} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {D5EF9F16-81FE-4395-B2BD-FBD207081D7E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {D8680DB5-89D9-44A9-A3C3-F1B4936495B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E9EFC32A-A482-4AC5-8FD2-CEF3CD1D928A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECBCE6A1-F47A-4A20-A7F9-3A0A2883B7DE} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F4A17F59-20AC-4857-95B9-E0F70351F30B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-12-14 14:27 - 2012-12-14 14:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-03-14 21:21 - 2013-03-14 05:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-08 10:45 - 2010-09-08 10:45 - 01034752 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
2010-09-08 10:44 - 2010-09-08 10:44 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-11 16:09 - 2014-02-11 16:09 - 32733080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-05-09 20:18 - 2014-05-09 20:18 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-04 08:41 - 2013-01-23 11:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2014 09:05:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:05:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:05:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:05:23Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:04:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:04:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:04:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:04:23Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:03:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:03:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:03:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:03:18Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:02:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:02:48Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:02:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:02:18Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:01:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:01:48Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:01:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:01:18Z. Fehlercode: 0x80041316.


System errors:
=============
Error: (05/19/2014 07:59:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/19/2014 07:57:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/19/2014 00:17:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/19/2014 00:15:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/14/2014 09:31:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (05/04/2014 05:51:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/04/2014 05:49:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/04/2014 10:44:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/04/2014 10:41:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/04/2014 10:27:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037


Microsoft Office Sessions:
=========================
Error: (05/19/2014 09:05:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:05:53Z

Error: (05/19/2014 09:05:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:05:23Z

Error: (05/19/2014 09:04:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:04:53Z

Error: (05/19/2014 09:04:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:04:23Z

Error: (05/19/2014 09:03:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:03:53Z

Error: (05/19/2014 09:03:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:03:18Z

Error: (05/19/2014 09:02:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:02:48Z

Error: (05/19/2014 09:02:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:02:18Z

Error: (05/19/2014 09:01:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:01:48Z

Error: (05/19/2014 09:01:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:01:18Z


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 3974.8 MB
Available physical RAM: 2242.22 MB
Total Pagefile: 5190.8 MB
Available Pagefile: 3246.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.83 GB) (Free:387.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 231473CB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---


Gmer.txt

Code:
ATTFilter
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Christine at 2014-05-19 21:05:26
Running from C:\Users\Christine\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6201.52 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.0.1.003 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (Version: 1.0.1.003 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================

30-04-2014 22:11:23 Windows Update
04-05-2014 08:43:09 Entfernt VAIO Easy Connect
12-05-2014 12:26:09 Geplanter Prüfpunkt
17-05-2014 06:51:40 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {086ACB1D-AC87-459E-AE16-70CC47BCCF8C} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088FBD0B-FFBE-418A-93D2-C68559408269} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {10BAA8E1-7AED-4369-85C5-FDBCEA275315} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {111ACA69-E4BB-41EE-9858-85BAB4483F91} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {13D78AD3-E0AB-4A4F-878C-47C10A1422C8} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2633E1B9-1A82-4169-AE3D-FD73342324F5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2B0E040E-8CFB-4400-B3F6-06CB0135E743} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {302E8FD9-93CC-4EA8-ADFA-EC43313DF0F3} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {348733DD-DD7F-47A1-A381-94FE4C23ED76} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {3565CB6F-1BB2-4322-9EE7-8C9C2D72C9D2} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {38113F08-636E-43F5-8812-54E57E2FA1D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {3EF95FF3-70A7-4D07-B250-1029DDABD518} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {49FCEF6D-0A03-4628-ADA2-7BA18F829E40} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {4C685685-3E36-4F7E-83B6-3DB550DECB43} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {526F0BCE-92A9-4BDB-9A63-60F2B9ED4595} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6B6C130B-E16C-4A9F-BEEB-86636560C838} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {860B093C-D8F0-4C47-9723-B7E115C8FA21} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {93EEA570-7B05-4A0B-A04F-4A3990C33AF0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {962E9499-30AF-4A72-8730-4D6D9B8978E3} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9F53E4F6-BE13-4684-BBA8-687520E6E157} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE00C1C4-E945-4DE7-8668-29CE02FBE7B5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {B4A1A59C-4B24-4997-B11C-13FFB4A81212} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-christine-hilche@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {B8BF51C6-0126-45C0-890C-ADF36251790F} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CCCDA86B-7C33-494D-8573-9F0F5DD74304} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {D44F453E-8BBE-48F4-8B5F-41CA48A3D194} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {D5EF9F16-81FE-4395-B2BD-FBD207081D7E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {D8680DB5-89D9-44A9-A3C3-F1B4936495B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E9EFC32A-A482-4AC5-8FD2-CEF3CD1D928A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECBCE6A1-F47A-4A20-A7F9-3A0A2883B7DE} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F4A17F59-20AC-4857-95B9-E0F70351F30B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-12-14 14:27 - 2012-12-14 14:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-03-14 21:21 - 2013-03-14 05:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-08 10:45 - 2010-09-08 10:45 - 01034752 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
2010-09-08 10:44 - 2010-09-08 10:44 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-11 16:09 - 2014-02-11 16:09 - 32733080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-05-09 20:18 - 2014-05-09 20:18 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-04 08:41 - 2013-01-23 11:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2014 09:05:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:05:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:05:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:05:23Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:04:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:04:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:04:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:04:23Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:03:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:03:53Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:03:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:03:18Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:02:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:02:48Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:02:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:02:18Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:01:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:01:48Z. Fehlercode: 0x80041316.

Error: (05/19/2014 09:01:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-25T19:01:18Z. Fehlercode: 0x80041316.


System errors:
=============
Error: (05/19/2014 07:59:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/19/2014 07:57:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/19/2014 00:17:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/19/2014 00:15:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/14/2014 09:31:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (05/04/2014 05:51:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/04/2014 05:49:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (05/04/2014 10:44:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (05/04/2014 10:41:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/04/2014 10:27:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037


Microsoft Office Sessions:
=========================
Error: (05/19/2014 09:05:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:05:53Z

Error: (05/19/2014 09:05:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:05:23Z

Error: (05/19/2014 09:04:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:04:53Z

Error: (05/19/2014 09:04:23 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:04:23Z

Error: (05/19/2014 09:03:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:03:53Z

Error: (05/19/2014 09:03:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:03:18Z

Error: (05/19/2014 09:02:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:02:48Z

Error: (05/19/2014 09:02:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:02:18Z

Error: (05/19/2014 09:01:48 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:01:48Z

Error: (05/19/2014 09:01:18 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413162114-04-25T19:01:18Z


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 3974.8 MB
Available physical RAM: 2242.22 MB
Total Pagefile: 5190.8 MB
Available Pagefile: 3246.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.83 GB) (Free:387.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 231473CB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 20.05.2014, 05:55   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 20.05.2014, 18:24   #3
sunny0510
 
Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Vielen Dank für die schnelle Antwort.

Combofix Logfile:
Code:
ATTFilter
ComboFix 14-05-19.01 - Christine 20.05.2014  19:04:17.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.3975.2449 [GMT 2:00]
ausgeführt von:: c:\users\Christine\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-20 bis 2014-05-20  ))))))))))))))))))))))))))))))
.
.
2014-05-20 17:11 . 2014-05-20 17:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-19 19:04 . 2014-05-19 19:06	--------	d-----w-	C:\FRST
2014-05-19 18:55 . 2014-05-19 18:55	--------	d-----w-	c:\programdata\Western Digital
2014-05-19 18:54 . 2014-05-19 18:54	--------	d-----w-	c:\program files\Western Digital
2014-05-19 18:54 . 2014-05-19 18:54	--------	d-----w-	c:\program files (x86)\Western Digital
2014-05-18 22:07 . 2014-05-18 22:07	--------	d-----w-	c:\windows\system32\drivers\NISx64\1503000.00C
2014-05-17 22:33 . 2014-05-17 22:33	261808	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10239.bin
2014-05-17 16:27 . 2014-03-23 22:11	1640896	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2014-05-17 16:27 . 2014-03-23 22:11	918320	----a-w-	c:\program files\Windows Defender\MpClient.dll
2014-05-17 16:27 . 2014-03-23 22:11	693328	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2014-05-16 21:19 . 2014-03-01 09:47	1258496	----a-w-	c:\windows\system32\kernel32.dll
2014-05-16 21:19 . 2014-03-01 09:47	1120768	----a-w-	c:\windows\system32\gpedit.dll
2014-05-16 21:19 . 2014-03-01 08:07	1075200	----a-w-	c:\windows\SysWow64\gpedit.dll
2014-05-16 21:19 . 2014-02-26 23:18	621568	----a-w-	c:\windows\system32\drivers\srv2.sys
2014-05-16 21:19 . 2014-02-26 23:18	370688	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2014-05-16 21:19 . 2014-02-26 23:18	247808	----a-w-	c:\windows\system32\drivers\srvnet.sys
2014-05-16 21:19 . 2014-02-26 23:18	215040	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2014-05-16 21:19 . 2014-02-15 04:15	78336	----a-w-	c:\windows\system32\drivers\IPMIDrv.sys
2014-05-13 19:19 . 2014-05-13 19:19	17938608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-06 15:18 . 2014-04-19 09:39	628024	----a-w-	c:\windows\system32\NotificationUI.exe
2014-05-06 15:18 . 2014-04-19 08:45	693760	----a-w-	c:\windows\system32\WSShared.dll
2014-05-06 15:18 . 2014-04-19 06:57	566784	----a-w-	c:\windows\SysWow64\WSShared.dll
2014-05-06 15:18 . 2014-04-19 08:45	163840	----a-w-	c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:18 . 2014-04-19 06:57	124928	----a-w-	c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 08:43 . 2014-05-04 08:41	13792	----a-w-	c:\windows\system32\drivers\semav6thermal64ro.sys
2014-05-04 08:43 . 2014-05-04 08:43	--------	d-----w-	c:\users\Christine\AppData\Roaming\iolo
2014-04-22 20:11 . 2014-04-22 20:11	--------	d-----w-	c:\users\dub_cm_auto
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-18 09:29 . 2013-12-27 22:45	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-01 20:37 . 2013-12-31 11:41	78296	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-01 20:37 . 2013-12-31 11:41	694240	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-15 00:34 . 2014-04-15 00:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-14 18:57 . 2013-12-25 15:27	17536	----a-w-	c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-03-07 00:48 . 2014-04-12 08:50	1766400	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-07 00:47 . 2014-04-12 08:50	2877952	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-07 00:08 . 2014-04-12 08:50	51712	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-07 00:08 . 2014-04-12 08:50	2240000	----a-w-	c:\windows\system32\wininet.dll
2014-03-07 00:08 . 2014-04-12 08:50	1365504	----a-w-	c:\windows\system32\urlmon.dll
2014-03-07 00:08 . 2014-04-12 08:50	915968	----a-w-	c:\windows\system32\uxtheme.dll
2014-03-07 00:08 . 2014-04-12 08:50	603136	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-07 00:08 . 2014-04-12 08:50	855552	----a-w-	c:\windows\system32\jscript.dll
2014-03-07 00:08 . 2014-04-12 08:50	3959808	----a-w-	c:\windows\system32\jscript9.dll
2014-03-07 00:08 . 2014-04-12 08:50	15404544	----a-w-	c:\windows\system32\ieframe.dll
2014-03-07 00:08 . 2014-04-12 08:50	2648576	----a-w-	c:\windows\system32\iertutil.dll
2014-03-04 04:18 . 2014-03-20 06:52	1148120	----a-w-	c:\windows\system32\drivers\NISx64\1502000.026\symefa64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-03 17:23	220632	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-03 17:23	220632	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-03 17:23	220632	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-02-06 740376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"Intel AppUp(R) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2013-02-19 156000]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-02-11 2239376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 6163456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\System32\drivers\wdcsam64.sys;c:\windows\SYSNATIVE\drivers\wdcsam64.sys [x]
R4 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1502000.026\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1502000.026\SymELAM.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1502000.026\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1502000.026\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1502000.026\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1502000.026\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1502000.026\ccSetx64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140519.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140519.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1502000.026\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1502000.026\SYMNETS.SYS [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [x]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2012-09-23 18:43	214664	----a-w-	c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-27 19:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-03 17:23	244696	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-03 17:23	244696	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-03 17:23	244696	----a-w-	c:\users\Christine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2013-03-14 10590208]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-02-11 1381744]
"Bluetooth"="c:\program files\WIDCOMM\Bluetooth Software\bttray.exe" [2012-12-14 526704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-14 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-14 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-14 442352]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://sony13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\wrz5x26t.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.2.0.38\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.2.0.38;c:\program files (x86)\Norton Internet Security\Engine64\21.2.0.38"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-05-20  19:21:36
ComboFix-quarantined-files.txt  2014-05-20 17:21
.
Vor Suchlauf: 12 Verzeichnis(se), 415.381.983.232 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 415.571.263.488 Bytes frei
.
- - End Of File - - 6E87A5D37B4E19A58E865BF1EE01F859
         
--- --- ---
__________________

Alt 21.05.2014, 08:55   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.05.2014, 20:40   #5
sunny0510
 
Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Hier die gewünschten logs

mbam.txt

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.05.2014
Suchlauf-Zeit: 20:35:01
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.22.09
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Christine

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 287212
Verstrichene Zeit: 15 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Adw Cleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.210 - Bericht erstellt am 22/05/2014 um 21:17:40
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Christine - VAIO-CHRISSI
# Gestartet von : C:\Users\Christine\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Christine\AppData\Roaming\pdfforge

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\wrz5x26t.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1632 octets] - [22/05/2014 20:57:55]
AdwCleaner[R1].txt - [1692 octets] - [22/05/2014 21:17:15]
AdwCleaner[S0].txt - [1491 octets] - [22/05/2014 21:17:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1551 octets] ##########
         
--- --- ---


JRT.txt

JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Christine on 22.05.2014 at 21:25:18,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Christine\AppData\Roaming\mozilla\firefox\profiles\wrz5x26t.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.05.2014 at 21:32:27,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---


FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Christine (administrator) on VAIO-CHRISSI on 22-05-2014 21:35:56
Running from C:\Users\Christine\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {713B281A-EADF-4580-B77A-4F002749D476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {B3B16346-CA14-409A-8609-928D26EA9672} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\wrz5x26t.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: Adobe Reader - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-05] (Sony Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140521.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140522.001\ENG64.SYS [126040 2014-01-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140522.001\EX64.SYS [2099288 2014-01-23] (Symantec Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 21:35 - 2014-05-22 21:35 - 02067456 _____ (Farbar) C:\Users\Christine\Desktop\FRST64.exe
2014-05-22 21:35 - 2014-05-22 21:35 - 00019560 _____ () C:\Users\Christine\Desktop\FRST.txt
2014-05-22 21:32 - 2014-05-22 21:32 - 00000751 _____ () C:\Users\Christine\Desktop\JRT.txt
2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 21:24 - 2014-05-22 21:24 - 01016261 _____ (Thisisu) C:\Users\Christine\Desktop\JRT.exe
2014-05-22 21:22 - 2014-05-22 21:22 - 00001631 _____ () C:\Users\Christine\Desktop\AdwCleaner[S0].txt
2014-05-22 20:57 - 2014-05-22 21:17 - 00000000 ____D () C:\AdwCleaner
2014-05-22 20:56 - 2014-05-22 20:56 - 01326389 _____ () C:\Users\Christine\Desktop\adwcleaner_3.210.exe
2014-05-22 20:55 - 2014-05-22 20:55 - 00001148 _____ () C:\Users\Christine\Desktop\mbam.txt
2014-05-22 20:33 - 2014-05-22 20:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 20:33 - 2014-05-22 20:33 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-22 20:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-22 20:33 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-22 20:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-22 20:32 - 2014-05-22 20:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christine\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-21 22:53 - 2014-05-21 22:53 - 01021920 _____ (Symantec Corporation) C:\Users\Christine\Downloads\NortonNISDownloader.exe
2014-05-20 19:21 - 2014-05-20 19:21 - 00022055 _____ () C:\ComboFix.txt
2014-05-20 19:02 - 2014-05-20 19:21 - 00000000 ____D () C:\Qoobox
2014-05-20 19:02 - 2014-05-20 19:21 - 00000000 ____D () C:\ComboFix
2014-05-20 19:02 - 2014-05-20 19:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-20 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-20 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-20 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 21:12 - 2014-05-19 21:12 - 00380416 _____ () C:\Users\Christine\Downloads\Gmer-19357.exe
2014-05-19 21:05 - 2014-05-19 21:06 - 00034393 _____ () C:\Users\Christine\Downloads\Addition.txt
2014-05-19 21:04 - 2014-05-22 21:35 - 00000000 ____D () C:\FRST
2014-05-19 21:04 - 2014-05-19 21:06 - 00041782 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:03 - 2014-05-19 21:04 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-17 18:26 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-17 18:26 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-17 18:26 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-16 23:20 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 23:20 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 23:20 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 23:20 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 23:20 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 23:20 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 23:20 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-16 23:20 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 23:20 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 23:20 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 23:20 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 23:20 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 23:20 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 23:20 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 23:20 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 23:20 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-16 23:19 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-16 23:19 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-16 23:19 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-16 23:19 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-16 23:19 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-16 23:19 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 17:18 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 17:18 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 17:18 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2014-05-04 10:41 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:37 - 2014-02-14 14:02 - 03867224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-04 10:37 - 2014-02-14 10:48 - 00945880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-04 10:37 - 2014-02-14 10:36 - 54936576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-04 10:37 - 2014-02-13 09:48 - 00747989 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-04 10:37 - 2014-02-06 08:19 - 02787544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-04 10:37 - 2014-02-06 05:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-05-04 10:37 - 2014-02-03 18:45 - 14737496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01932888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-04 10:37 - 2014-01-31 11:23 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-05-04 10:37 - 2014-01-31 11:22 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-05-04 10:37 - 2014-01-28 05:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00899320 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 01045752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 00245496 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-05-04 10:37 - 2014-01-03 10:02 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-04 10:37 - 2013-12-31 05:16 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-04 10:37 - 2013-12-27 08:58 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-04 10:37 - 2013-12-04 10:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-04 10:37 - 2013-10-15 21:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-04 10:37 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-05-04 10:37 - 2013-10-01 11:11 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-05-04 10:37 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-05-04 10:37 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-04-22 22:11 - 2014-05-20 19:21 - 00000000 ____D () C:\Users\dub_cm_auto

==================== One Month Modified Files and Folders =======

2014-05-22 21:35 - 2014-05-22 21:35 - 02067456 _____ (Farbar) C:\Users\Christine\Desktop\FRST64.exe
2014-05-22 21:35 - 2014-05-22 21:35 - 00019560 _____ () C:\Users\Christine\Desktop\FRST.txt
2014-05-22 21:35 - 2014-05-19 21:04 - 00000000 ____D () C:\FRST
2014-05-22 21:32 - 2014-05-22 21:32 - 00000751 _____ () C:\Users\Christine\Desktop\JRT.txt
2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 21:24 - 2014-05-22 21:24 - 01016261 _____ (Thisisu) C:\Users\Christine\Desktop\JRT.exe
2014-05-22 21:22 - 2014-05-22 21:22 - 00001631 _____ () C:\Users\Christine\Desktop\AdwCleaner[S0].txt
2014-05-22 21:22 - 2013-08-04 08:02 - 01860412 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 21:21 - 2013-12-28 00:31 - 00000000 ____D () C:\Users\Christine\AppData\Local\Adobe
2014-05-22 21:19 - 2014-03-17 21:34 - 00007280 _____ () C:\Windows\PFRO.log
2014-05-22 21:19 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 21:18 - 2012-07-26 07:26 - 01572864 ___SH () C:\Windows\system32\config\BBI
2014-05-22 21:17 - 2014-05-22 20:57 - 00000000 ____D () C:\AdwCleaner
2014-05-22 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-22 20:56 - 2014-05-22 20:56 - 01326389 _____ () C:\Users\Christine\Desktop\adwcleaner_3.210.exe
2014-05-22 20:55 - 2014-05-22 20:55 - 00001148 _____ () C:\Users\Christine\Desktop\mbam.txt
2014-05-22 20:34 - 2014-05-22 20:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 20:33 - 2014-05-22 20:33 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-22 20:32 - 2014-05-22 20:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christine\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-22 20:19 - 2014-02-22 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 08:49 - 2014-03-06 21:49 - 00000000 ____D () C:\Users\Christine\AppData\Local\CrashDumps
2014-05-21 22:55 - 2013-12-27 22:15 - 00000000 ____D () C:\ProgramData\Norton
2014-05-21 22:53 - 2014-05-21 22:53 - 01021920 _____ (Symantec Corporation) C:\Users\Christine\Downloads\NortonNISDownloader.exe
2014-05-21 22:53 - 2013-12-27 22:15 - 00001263 _____ () C:\Users\Christine\Desktop\Norton-Installationsdateien.lnk
2014-05-21 22:53 - 2013-12-27 22:15 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-05-21 07:05 - 2013-12-25 17:25 - 00000000 ____D () C:\Users\Christine
2014-05-20 19:21 - 2014-05-20 19:21 - 00022055 _____ () C:\ComboFix.txt
2014-05-20 19:21 - 2014-05-20 19:02 - 00000000 ____D () C:\Qoobox
2014-05-20 19:21 - 2014-05-20 19:02 - 00000000 ____D () C:\ComboFix
2014-05-20 19:21 - 2014-04-22 22:11 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-20 19:21 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-20 19:13 - 2014-05-20 19:02 - 00000000 ____D () C:\Windows\erdnt
2014-05-20 19:12 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 21:35 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-05-19 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-19 21:12 - 2014-05-19 21:12 - 00380416 _____ () C:\Users\Christine\Downloads\Gmer-19357.exe
2014-05-19 21:06 - 2014-05-19 21:05 - 00034393 _____ () C:\Users\Christine\Downloads\Addition.txt
2014-05-19 21:06 - 2014-05-19 21:04 - 00041782 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:04 - 2014-05-19 21:03 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-19 20:54 - 2013-08-04 08:52 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-19 20:54 - 2013-08-04 08:52 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-19 20:54 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-19 20:54 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 20:53 - 2014-03-06 19:26 - 00000000 ____D () C:\Users\Christine\Documents\Full Moon
2014-05-19 20:52 - 2014-02-28 20:26 - 00000000 ____D () C:\Users\Christine\Documents\Rezepte
2014-05-19 20:30 - 2013-12-25 17:47 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1336083287-4292209160-2259122146-1001
2014-05-19 00:16 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-19 00:13 - 2013-12-27 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 00:07 - 2013-12-27 22:20 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-18 11:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-18 11:32 - 2013-12-28 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 11:29 - 2013-12-28 00:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-17 08:58 - 2014-02-12 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:40 - 2013-12-25 17:33 - 00000000 ____D () C:\Update
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-13 21:19 - 2014-02-22 15:54 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 11:18 - 2013-12-25 17:26 - 00000000 ____D () C:\Users\Christine\AppData\Local\Packages
2014-05-12 07:26 - 2014-05-22 20:33 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-22 20:33 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-22 20:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 07:14 - 2014-05-16 23:20 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 23:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 10:46 - 2013-08-04 08:57 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-04 10:46 - 2013-08-04 08:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2013-08-04 08:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-04 10:41 - 2014-05-04 10:43 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:38 - 2014-03-09 22:35 - 00000898 _____ () C:\Windows\setupact.log
2014-05-04 10:38 - 2013-08-04 08:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-01 22:37 - 2013-12-31 13:41 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-12-31 13:41 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 11:08 - 2014-01-30 19:52 - 00119928 _____ () C:\Users\Christine\AppData\Local\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Users\Christine\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-16 23:20] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-17 08:51

==================== End Of Log ============================
         
--- --- ---


Alt 23.05.2014, 16:23   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet

Alt 23.05.2014, 18:51   #7
sunny0510
 
Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ce67189299eece47bae54a2ea43b1114
# engine=18384
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-23 05:40:42
# local_time=2014-05-23 07:40:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode=3591 16777213 100 88 415527 163463427 0 0
# compatibility_mode=5893 16776574 100 94 415744 37828669 0 0
# scanned=202606
# found=1
# cleaned=0
# scan_time=5489
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Christine\Downloads\PDFCreator-1_7_2_setup_offline.exe"
         
Bei Security Check kommt folgende Fehlermeldung

Code:
ATTFilter
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         

Alt 24.05.2014, 18:10   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Frisches FRST log und Antwort auf meine Frage fehlt
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.05.2014, 18:04   #9
sunny0510
 
Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Ja, leider bestehen die Probleme nach wie vor.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Christine (administrator) on VAIO-CHRISSI on 26-05-2014 19:02:02
Running from C:\Users\Christine\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(www.rene-zeidler.de) C:\Users\Christine\AppData\Local\Temp\SnippingToolPlusv3-4-1-0\Snipping Tool Plus.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Solution.Updater.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {713B281A-EADF-4580-B77A-4F002749D476} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {B3B16346-CA14-409A-8609-928D26EA9672} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\wrz5x26t.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: Adobe Reader - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-05] (Sony Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140523.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140525.002\ENG64.SYS [126040 2014-01-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140525.002\EX64.SYS [2099288 2014-01-23] (Symantec Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-26 19:01 - 2014-05-26 19:01 - 00000000 ____D () C:\Users\Christine\Desktop\FRST-OlderVersion
2014-05-25 18:51 - 2014-05-25 18:51 - 06147041 _____ () C:\Users\Christine\Desktop\CAM00563_cut.mp4
2014-05-25 18:27 - 2014-05-25 18:27 - 00001362 _____ () C:\Users\Public\Desktop\Free Video Editor.lnk
2014-05-25 18:27 - 2014-05-25 18:27 - 00001203 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-05-25 18:27 - 2014-05-25 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-25 18:27 - 2014-05-25 18:27 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-25 18:26 - 2014-05-25 18:28 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\DVDVideoSoft
2014-05-25 18:26 - 2014-05-25 18:26 - 31464328 _____ (DVDVideoSoft Ltd. ) C:\Users\Christine\Desktop\FreeVideoEditor.exe
2014-05-25 18:19 - 2014-05-25 18:19 - 00001334 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-05-25 18:19 - 2014-05-25 18:19 - 00001265 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-25 18:19 - 2014-05-25 18:19 - 00000000 ____D () C:\Windows\de
2014-05-25 18:19 - 2014-05-25 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-25 18:18 - 2014-05-25 18:19 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-25 18:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-05-25 18:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-05-25 18:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-05-25 18:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-05-25 18:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-05-25 18:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-05-25 18:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-05-25 18:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-05-25 18:18 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-05-25 18:18 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-05-25 18:17 - 2014-05-25 18:17 - 00000199 _____ () C:\Windows\DirectX.log
2014-05-25 18:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-05-25 18:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-05-25 18:16 - 2014-05-25 18:20 - 00000000 ____D () C:\Users\Christine\AppData\Local\Windows Live
2014-05-25 18:14 - 2014-05-25 18:15 - 142602520 _____ (Microsoft Corporation) C:\Users\Christine\Desktop\wlsetup-all_16.4.3508.0205.exe
2014-05-25 18:13 - 2014-05-25 22:55 - 00000000 ____D () C:\Users\Christine\Desktop\U
2014-05-25 09:17 - 2014-05-25 09:17 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-23 19:43 - 2014-05-23 19:43 - 00854367 _____ () C:\Users\Christine\Desktop\SecurityCheck.exe
2014-05-23 18:06 - 2014-05-23 18:06 - 02347384 _____ (ESET) C:\Users\Christine\Desktop\esetsmartinstaller_deu.exe
2014-05-22 21:35 - 2014-05-26 19:02 - 00019955 _____ () C:\Users\Christine\Desktop\FRST.txt
2014-05-22 21:35 - 2014-05-26 19:01 - 02066944 _____ (Farbar) C:\Users\Christine\Desktop\FRST64.exe
2014-05-22 21:32 - 2014-05-22 21:32 - 00000751 _____ () C:\Users\Christine\Desktop\JRT.txt
2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 21:24 - 2014-05-22 21:24 - 01016261 _____ (Thisisu) C:\Users\Christine\Desktop\JRT.exe
2014-05-22 21:22 - 2014-05-22 21:22 - 00001631 _____ () C:\Users\Christine\Desktop\AdwCleaner[S0].txt
2014-05-22 20:57 - 2014-05-22 21:17 - 00000000 ____D () C:\AdwCleaner
2014-05-22 20:56 - 2014-05-22 20:56 - 01326389 _____ () C:\Users\Christine\Desktop\adwcleaner_3.210.exe
2014-05-22 20:55 - 2014-05-22 20:55 - 00001148 _____ () C:\Users\Christine\Desktop\mbam.txt
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 20:32 - 2014-05-22 20:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christine\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-21 22:53 - 2014-05-21 22:53 - 01021920 _____ (Symantec Corporation) C:\Users\Christine\Downloads\NortonNISDownloader.exe
2014-05-20 19:21 - 2014-05-20 19:21 - 00022055 _____ () C:\ComboFix.txt
2014-05-20 19:02 - 2014-05-20 19:21 - 00000000 ____D () C:\Qoobox
2014-05-20 19:02 - 2014-05-20 19:21 - 00000000 ____D () C:\ComboFix
2014-05-20 19:02 - 2014-05-20 19:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-20 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-20 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-20 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-20 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 21:12 - 2014-05-19 21:12 - 00380416 _____ () C:\Users\Christine\Downloads\Gmer-19357.exe
2014-05-19 21:05 - 2014-05-19 21:06 - 00034393 _____ () C:\Users\Christine\Downloads\Addition.txt
2014-05-19 21:04 - 2014-05-26 19:02 - 00000000 ____D () C:\FRST
2014-05-19 21:04 - 2014-05-19 21:06 - 00041782 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:03 - 2014-05-19 21:04 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-17 18:26 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-17 18:26 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-17 18:26 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-16 23:20 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 23:20 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 23:20 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 23:20 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 23:20 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 23:20 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 23:20 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 23:20 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-16 23:20 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 23:20 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 23:20 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 23:20 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-16 23:20 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 23:20 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 23:20 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 23:20 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 23:20 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 23:20 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 23:20 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 23:20 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 23:20 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 23:20 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-16 23:19 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-16 23:19 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-16 23:19 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-16 23:19 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-16 23:19 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-16 23:19 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-16 23:19 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 17:18 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 17:18 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 17:18 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 17:18 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2014-05-04 10:41 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:37 - 2014-02-14 14:02 - 03867224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-04 10:37 - 2014-02-14 10:48 - 00945880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-04 10:37 - 2014-02-14 10:36 - 54936576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-04 10:37 - 2014-02-13 09:48 - 00747989 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-04 10:37 - 2014-02-06 08:19 - 02787544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-04 10:37 - 2014-02-06 05:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-05-04 10:37 - 2014-02-03 18:45 - 14737496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01932888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-05-04 10:37 - 2014-02-03 18:45 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-04 10:37 - 2014-01-31 11:23 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-05-04 10:37 - 2014-01-31 11:22 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-05-04 10:37 - 2014-01-28 05:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00899320 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-05-04 10:37 - 2014-01-10 00:52 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 01045752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-05-04 10:37 - 2014-01-10 00:51 - 00245496 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-05-04 10:37 - 2014-01-03 10:02 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-04 10:37 - 2013-12-31 05:16 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-04 10:37 - 2013-12-27 08:58 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-04 10:37 - 2013-12-04 10:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-04 10:37 - 2013-10-15 21:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-04 10:37 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-05-04 10:37 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-05-04 10:37 - 2013-10-01 11:11 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-05-04 10:37 - 2013-09-09 22:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-05-04 10:37 - 2013-09-09 22:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-05-04 10:37 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-05-04 10:37 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-05-04 10:37 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll

==================== One Month Modified Files and Folders =======

2014-05-26 19:02 - 2014-05-22 21:35 - 00019955 _____ () C:\Users\Christine\Desktop\FRST.txt
2014-05-26 19:02 - 2014-05-19 21:04 - 00000000 ____D () C:\FRST
2014-05-26 19:01 - 2014-05-26 19:01 - 00000000 ____D () C:\Users\Christine\Desktop\FRST-OlderVersion
2014-05-26 19:01 - 2014-05-22 21:35 - 02066944 _____ (Farbar) C:\Users\Christine\Desktop\FRST64.exe
2014-05-26 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-26 08:19 - 2014-02-22 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-26 07:53 - 2013-12-28 00:31 - 00000000 ____D () C:\Users\Christine\AppData\Local\Adobe
2014-05-25 22:55 - 2014-05-25 18:13 - 00000000 ____D () C:\Users\Christine\Desktop\U
2014-05-25 22:51 - 2014-02-15 13:47 - 00000000 ____D () C:\Users\Christine\AppData\Local\www.rene-zeidler.de
2014-05-25 18:51 - 2014-05-25 18:51 - 06147041 _____ () C:\Users\Christine\Desktop\CAM00563_cut.mp4
2014-05-25 18:28 - 2014-05-25 18:26 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\DVDVideoSoft
2014-05-25 18:27 - 2014-05-25 18:27 - 00001362 _____ () C:\Users\Public\Desktop\Free Video Editor.lnk
2014-05-25 18:27 - 2014-05-25 18:27 - 00001203 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-05-25 18:27 - 2014-05-25 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-25 18:27 - 2014-05-25 18:27 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-25 18:26 - 2014-05-25 18:26 - 31464328 _____ (DVDVideoSoft Ltd. ) C:\Users\Christine\Desktop\FreeVideoEditor.exe
2014-05-25 18:20 - 2014-05-25 18:16 - 00000000 ____D () C:\Users\Christine\AppData\Local\Windows Live
2014-05-25 18:19 - 2014-05-25 18:19 - 00001334 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-05-25 18:19 - 2014-05-25 18:19 - 00001265 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-25 18:19 - 2014-05-25 18:19 - 00000000 ____D () C:\Windows\de
2014-05-25 18:19 - 2014-05-25 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-25 18:19 - 2014-05-25 18:18 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-25 18:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-25 18:17 - 2014-05-25 18:17 - 00000199 _____ () C:\Windows\DirectX.log
2014-05-25 18:15 - 2014-05-25 18:14 - 142602520 _____ (Microsoft Corporation) C:\Users\Christine\Desktop\wlsetup-all_16.4.3508.0205.exe
2014-05-25 09:17 - 2014-05-25 09:17 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-23 23:00 - 2013-08-04 08:02 - 01907953 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 19:43 - 2014-05-23 19:43 - 00854367 _____ () C:\Users\Christine\Desktop\SecurityCheck.exe
2014-05-23 18:06 - 2014-05-23 18:06 - 02347384 _____ (ESET) C:\Users\Christine\Desktop\esetsmartinstaller_deu.exe
2014-05-22 21:32 - 2014-05-22 21:32 - 00000751 _____ () C:\Users\Christine\Desktop\JRT.txt
2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 21:24 - 2014-05-22 21:24 - 01016261 _____ (Thisisu) C:\Users\Christine\Desktop\JRT.exe
2014-05-22 21:22 - 2014-05-22 21:22 - 00001631 _____ () C:\Users\Christine\Desktop\AdwCleaner[S0].txt
2014-05-22 21:19 - 2014-03-17 21:34 - 00007280 _____ () C:\Windows\PFRO.log
2014-05-22 21:19 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 21:18 - 2012-07-26 07:26 - 01572864 ___SH () C:\Windows\system32\config\BBI
2014-05-22 21:17 - 2014-05-22 20:57 - 00000000 ____D () C:\AdwCleaner
2014-05-22 20:56 - 2014-05-22 20:56 - 01326389 _____ () C:\Users\Christine\Desktop\adwcleaner_3.210.exe
2014-05-22 20:55 - 2014-05-22 20:55 - 00001148 _____ () C:\Users\Christine\Desktop\mbam.txt
2014-05-22 20:33 - 2014-05-22 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 20:32 - 2014-05-22 20:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christine\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-22 08:49 - 2014-03-06 21:49 - 00000000 ____D () C:\Users\Christine\AppData\Local\CrashDumps
2014-05-21 22:55 - 2013-12-27 22:15 - 00000000 ____D () C:\ProgramData\Norton
2014-05-21 22:53 - 2014-05-21 22:53 - 01021920 _____ (Symantec Corporation) C:\Users\Christine\Downloads\NortonNISDownloader.exe
2014-05-21 22:53 - 2013-12-27 22:15 - 00001263 _____ () C:\Users\Christine\Desktop\Norton-Installationsdateien.lnk
2014-05-21 22:53 - 2013-12-27 22:15 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-05-21 07:05 - 2013-12-25 17:25 - 00000000 ____D () C:\Users\Christine
2014-05-20 19:21 - 2014-05-20 19:21 - 00022055 _____ () C:\ComboFix.txt
2014-05-20 19:21 - 2014-05-20 19:02 - 00000000 ____D () C:\Qoobox
2014-05-20 19:21 - 2014-05-20 19:02 - 00000000 ____D () C:\ComboFix
2014-05-20 19:21 - 2014-04-22 22:11 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-20 19:21 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-20 19:13 - 2014-05-20 19:02 - 00000000 ____D () C:\Windows\erdnt
2014-05-20 19:12 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 21:35 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-05-19 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-19 21:12 - 2014-05-19 21:12 - 00380416 _____ () C:\Users\Christine\Downloads\Gmer-19357.exe
2014-05-19 21:06 - 2014-05-19 21:05 - 00034393 _____ () C:\Users\Christine\Downloads\Addition.txt
2014-05-19 21:06 - 2014-05-19 21:04 - 00041782 _____ () C:\Users\Christine\Downloads\FRST.txt
2014-05-19 21:04 - 2014-05-19 21:03 - 02067456 _____ (Farbar) C:\Users\Christine\Downloads\FRST64.exe
2014-05-19 21:02 - 2014-05-19 21:02 - 00000480 _____ () C:\Users\Christine\Downloads\defogger_disable.log
2014-05-19 21:02 - 2014-05-19 21:02 - 00000000 _____ () C:\Users\Christine\defogger_reenable
2014-05-19 21:01 - 2014-05-19 21:01 - 00050477 _____ () C:\Users\Christine\Downloads\Defogger.exe
2014-05-19 20:55 - 2014-05-19 20:55 - 00000000 ____D () C:\ProgramData\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files\Western Digital
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-19 20:54 - 2013-08-04 08:52 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-19 20:54 - 2013-08-04 08:52 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-19 20:54 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-19 20:54 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 20:53 - 2014-03-06 19:26 - 00000000 ____D () C:\Users\Christine\Documents\Full Moon
2014-05-19 20:52 - 2014-02-28 20:26 - 00000000 ____D () C:\Users\Christine\Documents\Rezepte
2014-05-19 20:30 - 2013-12-25 17:47 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1336083287-4292209160-2259122146-1001
2014-05-19 00:16 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 00:15 - 2013-12-25 17:30 - 00000000 ___RD () C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-19 00:13 - 2013-12-27 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 00:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 00:07 - 2013-12-27 22:20 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-18 11:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-18 11:32 - 2013-12-28 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 11:29 - 2013-12-28 00:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-17 08:58 - 2014-02-12 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:40 - 2013-12-25 17:33 - 00000000 ____D () C:\Update
2014-05-13 21:19 - 2014-05-13 21:19 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-13 21:19 - 2014-02-22 15:54 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 11:18 - 2013-12-25 17:26 - 00000000 ____D () C:\Users\Christine\AppData\Local\Packages
2014-05-09 20:18 - 2014-05-09 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 07:14 - 2014-05-16 23:20 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 23:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 23:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 23:20 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 10:46 - 2013-08-04 08:57 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-04 10:46 - 2013-08-04 08:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 10:43 - 2014-05-04 10:43 - 00003146 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-05-04 10:43 - 2014-05-04 10:43 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00001976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-05-04 10:43 - 2014-05-04 10:43 - 00000000 ____D () C:\Users\Christine\AppData\Roaming\iolo
2014-05-04 10:43 - 2013-08-04 08:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-05-04 10:41 - 2014-05-04 10:43 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-05-04 10:38 - 2014-05-04 10:38 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-04 10:38 - 2014-03-09 22:35 - 00000898 _____ () C:\Windows\setupact.log
2014-05-04 10:38 - 2013-08-04 08:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-01 22:37 - 2013-12-31 13:41 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-12-31 13:41 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Christine\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-16 23:20] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-23 22:23

==================== End Of Log ============================
         
--- --- ---

Alt 27.05.2014, 12:28   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Standard

Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet



Und nur Firefox?

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet
adobe, association, bonjour, browser, converter, cpu, defender, desktop, device driver, error, excel, fehler, firefox, flash player, home, installation, internet, mail.de, mozilla, realtek, registry, rundll, security, services.exe, software, svchost.exe, symantec, windows, wscript.exe, xperia



Ähnliche Themen: Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet


  1. Windows 7 Prof SP1: Ständig Umleitung auf Umfrage- und Werbeseiten
    Log-Analyse und Auswertung - 12.11.2015 (32)
  2. windows XP SP3: jede Internetseite wird auf kabeldeutschland umgeleitet
    Log-Analyse und Auswertung - 18.06.2015 (13)
  3. Windows 7 : Webseiten sind von werbe adds besetzt und werden ständig zu pop ups umgeleitet
    Log-Analyse und Auswertung - 31.03.2015 (17)
  4. PC mit Vista wird langsam und öffnet ständig neue Fenster im Firefox
    Log-Analyse und Auswertung - 11.10.2014 (49)
  5. Chrome und Firefox öffnen ständig Werbeseiten,Malwarebytes funktionioniert nicht mehr,auch nicht mit Chameleon
    Log-Analyse und Auswertung - 18.09.2014 (12)
  6. Firefox öffnet eigenständig Werbeseiten in Tabs, auch wenn Firefox grad nicht verwendet wird
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (20)
  7. Nach Firefox auch von Opera ständig auf falsche Seiten umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 02.07.2014 (15)
  8. Ständige Weiterleitung auf ominöse Werbeseiten bei Firefox mit Windows 7
    Plagegeister aller Art und deren Bekämpfung - 23.05.2014 (18)
  9. Win XP: Firefox lädt ständig pop.shpath.net und Werbeseiten
    Log-Analyse und Auswertung - 08.11.2013 (7)
  10. PC wird immer langsamer firefox öffnet ständig neue Fenster
    Log-Analyse und Auswertung - 16.07.2013 (15)
  11. Google Suchergebnisse werden zu Werbeseiten umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (1)
  12. Firefox öffnet ständig Werbeseiten
    Log-Analyse und Auswertung - 15.01.2010 (1)
  13. es wird ständig werbung geöffnet (mozilla firefox)
    Log-Analyse und Auswertung - 02.01.2010 (5)
  14. Trojanerbefall, Windows Update wird auf msn.com umgeleitet etc. PC spinnt...
    Log-Analyse und Auswertung - 01.01.2009 (24)
  15. Firefox öffnet ständig Werbeseiten
    Log-Analyse und Auswertung - 28.12.2008 (14)
  16. Pc wird immer langsamer! Firefox öffnet ständig neue Fenster
    Log-Analyse und Auswertung - 20.03.2008 (7)
  17. Mein Firefox wird als umgeleitet
    Log-Analyse und Auswertung - 09.11.2005 (4)

Zum Thema Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet - Hallo, ich habe seit einigen Tagen ziemliche Problemem mit meinem Internet Browser (Firefox). Ich werde ständig auf eine fremde Seite umgeleitet, vor allem auf die Website: lpcloudbox33.com Mein Betriebssystem ist - Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet...
Archiv
Du betrachtest: Windows 8: Firefox wird ständig auf Werbeseiten umgeleitet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.