Habe Zombie News auf meinem Laptop.
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by derya (administrator) on VAIO on 28-12-2014 13:38:07
Running from C:\Users\derya\Downloads
Loaded Profile: derya (Available profiles: derya)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ClickCaption) C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Time Lapse Solutions) C:\ProgramData\qFcAZf\txBLYva.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\derya\AppData\Roaming\Spotify\spotify.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
() C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
() C:\Users\derya\AppData\Local\Installer\Installcr_1672\DCytdieamo_amodc_setup.exe
() C:\Users\derya\AppData\Local\Installer\Installiwebar_2898\DCytdieamo_amodc_setup.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] ( (Atheros Communications))
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Spotify Web Helper] => C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Facebook Update] => C:\Users\derya\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-15] (Facebook Inc.)
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Spotify] => C:\Users\derya\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22059616 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Run: [clicup] => C:\Users\derya\AppData\Local\clicup\chrmndr.exe
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\RunOnce: [Adobe Speed Launcher] => 1419768449
AppInit_DLLs-x32: c:/progra~3/{207cc~1/171~1.0/coca.dll => "c:/progra~3/{207cc~1/171~1.0/coca.dll" File Not Found
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKU\S-1-5-21-525407912-4045976023-3324896752-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-525407912-4045976023-3324896752-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP19D799BD-0E53-4817-90FC-12E417B156BA&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-525407912-4045976023-3324896752-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-525407912-4045976023-3324896752-1001 -> {41BF22B3-42E4-462A-AC43-B242D2572D61} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-525407912-4045976023-3324896752-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-525407912-4045976023-3324896752-1001 -> ÛŸÆîZ§’2¹Þpv¨IÍá�*X(Ž2s��(ÛÎÀJºÔÓµ± �vË°!×—(ä¼48и�patm6êo�^Mp`�Ëõ÷_i£w˜¾!„Áû�†x¢8€ÙjÀÿþ*´Ñ;áa´�[¦†8*º~RÙxœòÜ8'£-)�x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: DizzyDing 1.0.0.6 -> {b57f3d1b-2f97-4686-b2dd-f2bc1ac645e2} -> C:\Program Files (x86)\DizzyDing\DizzyDingbho.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-525407912-4045976023-3324896752-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\derya\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-525407912-4045976023-3324896752-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\derya\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-525407912-4045976023-3324896752-1001: electronicarts.com/GameFacePlugin -> C:\Users\derya\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419695780&from=pcs&uid=HitachiXHTS543232A7A384_E20342BL1Y880P1Y880PX
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\derya\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\derya\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (Google Wallet) - C:\Users\derya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR StartMenuInternet: Google Chrome - chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-26] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ccsvc_1.10.0.5; C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe [277584 2014-12-12] (ClickCaption)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-12-28] (Enigma Software Group USA, LLC.)
R2 txBLYva; C:\ProgramData\qFcAZf\txBLYva.exe [2726256 2014-12-28] (Time Lapse Solutions)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]
S2 Update DizzyDing; "C:\Program Files (x86)\DizzyDing\updateDizzyDing.exe" [X]
S2 YTDUpdt; C:\PROGRA~2\YTDOWN~1\YTDUPD~1.EXE [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-26] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccnfd_1_10_0_5; C:\Windows\System32\drivers\ccnfd_1_10_0_5.sys [58232 2014-12-12] (ClickCaption)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-28] ()
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-12-27] ()
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-28 13:38 - 2014-12-28 13:39 - 00025383 _____ () C:\Users\derya\Downloads\FRST.txt
2014-12-28 13:37 - 2014-12-28 13:38 - 00000000 ____D () C:\FRST
2014-12-28 13:37 - 2014-12-28 13:37 - 02122752 _____ (Farbar) C:\Users\derya\Downloads\FRST64.exe
2014-12-28 13:20 - 2014-12-28 13:20 - 01660616 _____ (ESET) C:\Users\derya\Downloads\eset_smart_security_live_installer_.exe
2014-12-28 05:17 - 2014-12-28 05:17 - 00000000 ____D () C:\Users\derya\AppData\Local\CrashRpt
2014-12-28 05:15 - 2014-12-28 13:24 - 00000000 ____D () C:\Users\derya\AppData\Local\ZombieNews
2014-12-28 05:05 - 2014-12-28 05:05 - 00000000 ____D () C:\ProgramData\1078601655
2014-12-28 05:03 - 2014-12-28 05:03 - 02166272 _____ () C:\Users\derya\Desktop\adwcleaner-4.105-en.exe
2014-12-28 05:01 - 2014-12-28 05:01 - 00594184 _____ () C:\Users\derya\Downloads\AdwCleaner.exe
2014-12-28 04:26 - 2014-12-28 05:10 - 00000000 ____D () C:\AdwCleaner
2014-12-28 04:26 - 2014-12-28 04:26 - 02173952 _____ () C:\Users\derya\Downloads\adwcleaner_4.106.exe
2014-12-28 04:25 - 2014-12-28 04:25 - 00689851 _____ () C:\Users\derya\Downloads\trz43EF.tmp
2014-12-28 04:25 - 2014-12-28 04:24 - 00452711 _____ () C:\Users\derya\Downloads\trzCC1E.tmp
2014-12-28 03:56 - 2014-12-28 03:56 - 00000000 _____ () C:\autoexec.bat
2014-12-28 03:55 - 2014-12-28 03:55 - 00000000 ____D () C:\Users\derya\AppData\Roaming\Enigma Software Group
2014-12-28 03:55 - 2014-12-28 03:55 - 00000000 ____D () C:\sh4ldr
2014-12-28 03:54 - 2014-12-28 03:54 - 00022704 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
2014-12-28 03:54 - 2014-12-28 03:54 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-28 03:50 - 2014-12-28 03:50 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\derya\Downloads\SpyHunter-Installer (1).exe
2014-12-28 03:46 - 2014-12-28 03:46 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\derya\Downloads\SpyHunter-Installer.exe
2014-12-28 01:11 - 2014-12-28 01:11 - 00003094 _____ () C:\WINDOWS\System32\Tasks\{020032A9-26C4-4A98-9A29-DD86C745E95E}
2014-12-28 00:57 - 2014-12-28 00:57 - 00000000 ____D () C:\ProgramData\qFcAZf
2014-12-28 00:08 - 2014-12-28 00:08 - 00000203 _____ () C:\Users\derya\Downloads\film.mp4
2014-12-28 00:05 - 2014-12-28 00:10 - 00000000 ____D () C:\Users\derya\AppData\Roaming\vlc
2014-12-28 00:04 - 2014-12-28 13:14 - 00000000 ____D () C:\Program Files\VideoLAN
2014-12-28 00:02 - 2014-12-28 00:02 - 01174352 _____ () C:\Users\derya\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2014-12-27 23:56 - 2014-12-27 23:56 - 01064056 _____ (Download Manager) C:\Users\derya\Downloads\setup (7).exe
2014-12-27 23:56 - 2014-12-27 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-12-27 23:56 - 2014-12-27 23:56 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-12-27 23:56 - 2014-04-08 21:51 - 00706048 _____ () C:\WINDOWS\system32\xvidcore.dll
2014-12-27 23:56 - 2014-04-08 21:51 - 00251392 _____ () C:\WINDOWS\system32\xvidvfw.dll
2014-12-27 23:56 - 2014-04-08 21:51 - 00169984 _____ () C:\WINDOWS\system32\xvid.ax
2014-12-27 23:56 - 2014-04-08 21:50 - 00632320 _____ () C:\WINDOWS\SysWOW64\xvidcore.dll
2014-12-27 23:56 - 2014-04-08 21:50 - 00235520 _____ () C:\WINDOWS\SysWOW64\xvidvfw.dll
2014-12-27 23:56 - 2014-04-08 21:50 - 00147456 _____ () C:\WINDOWS\SysWOW64\xvid.ax
2014-12-27 23:54 - 2014-12-27 23:55 - 11261576 _____ (Xvid Team) C:\Users\derya\Downloads\Xvid-1.3.3-20140407.exe
2014-12-27 23:04 - 2014-12-27 23:04 - 00003122 _____ () C:\WINDOWS\System32\Tasks\USER_ESRV_SVC
2014-12-27 23:04 - 2014-12-27 23:04 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-12-27 23:04 - 2014-12-27 23:04 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-12-27 23:02 - 2014-07-01 16:36 - 00000426 _____ () C:\AVScanner.ini
2014-12-27 22:46 - 2014-12-27 22:46 - 00000417 _____ () C:\WINDOWS\SynInst.log
2014-12-27 17:30 - 2014-12-27 17:30 - 00022528 _____ () C:\Users\derya\AppData\Local\trzB80A.tmp
2014-12-27 17:29 - 2014-12-27 17:29 - 00234679 _____ () C:\Users\derya\AppData\Local\dsi1.dat
2014-12-27 17:29 - 2014-12-27 17:29 - 00161916 _____ () C:\Users\derya\AppData\Local\dsi2.dat
2014-12-27 17:29 - 2014-12-27 17:29 - 00022528 _____ () C:\Users\derya\AppData\Local\trz5CBA.tmp
2014-12-27 16:43 - 2014-12-28 05:05 - 00000000 ____D () C:\ProgramData\2355320829
2014-12-27 16:33 - 2014-12-27 16:45 - 00003240 _____ () C:\WINDOWS\System32\Tasks\Super Optimizer Schedule
2014-12-27 16:28 - 2014-12-27 16:28 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.5
2014-12-27 16:15 - 2014-12-27 16:15 - 00000000 ____D () C:\Users\derya\AppData\Local\ContextTrue
2014-12-27 16:13 - 2014-12-27 16:13 - 00000000 ____D () C:\Program Files (x86)\pre_installer_de
2014-12-27 16:12 - 2014-12-27 16:12 - 00004362 _____ () C:\WINDOWS\System32\Tasks\Installer_iwebar
2014-12-27 16:12 - 2014-12-27 16:12 - 00004346 _____ () C:\WINDOWS\System32\Tasks\Installer_cr
2014-12-27 16:06 - 2014-12-27 16:09 - 00574144 _____ () C:\Users\derya\Downloads\DivX.Web.Player.Installer__8420_i1432837035_il29559.exe
2014-12-23 22:55 - 2014-12-23 22:55 - 00000000 ____D () C:\Users\derya\AppData\Roaming\Electronic Arts
2014-12-23 22:48 - 2014-12-23 22:48 - 09091423 _____ (Electronic Arts) C:\Users\derya\Downloads\GameFaceBrowserPluginInstaller.1.8.0.0.exe
2014-12-23 22:45 - 2014-12-23 22:45 - 00000000 ____D () C:\Users\derya\AppData\Local\Unity
2014-12-23 22:44 - 2014-12-23 22:44 - 01080608 _____ (Unity Technologies ApS) C:\Users\derya\Downloads\UnityWebPlayer.exe
2014-12-15 23:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-15 23:33 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-12 00:53 - 2014-12-12 00:53 - 00058232 _____ (ClickCaption) C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys
2014-12-11 23:40 - 2014-12-11 23:40 - 00072648 _____ () C:\Users\derya\Downloads\FLVPlayer-Chrome.exe
2014-12-10 05:01 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 05:01 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 05:01 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 05:01 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 04:42 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 04:42 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 04:42 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 04:42 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 04:42 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 04:42 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 04:42 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 04:42 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 04:42 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 04:42 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 04:41 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 04:41 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 04:41 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 04:41 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 04:41 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 04:41 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 04:41 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 04:41 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 04:41 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 04:41 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 04:41 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 04:41 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 04:41 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 04:41 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 04:41 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 04:41 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 04:41 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 04:41 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 04:41 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 04:41 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 04:41 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 04:41 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 04:41 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 04:41 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 04:41 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 04:41 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 04:41 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 04:41 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 04:41 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 04:41 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 04:41 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 04:41 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 04:41 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 04:41 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 04:41 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 04:41 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 04:41 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-28 13:39 - 2013-12-25 16:59 - 01647038 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-28 13:32 - 2014-08-16 14:06 - 00005118 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VAIO-derya VAIO
2014-12-28 13:27 - 2013-04-24 17:15 - 00000000 ____D () C:\Users\derya\AppData\Roaming\Spotify
2014-12-28 13:19 - 2013-04-24 15:47 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-525407912-4045976023-3324896752-1001
2014-12-28 13:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-28 13:11 - 2013-12-25 17:16 - 00000000 ___DO () C:\Users\derya\SkyDrive
2014-12-28 13:09 - 2013-08-12 12:24 - 00000000 ____D () C:\Users\derya\AppData\Local\CrashDumps
2014-12-28 13:07 - 2013-04-24 16:04 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 13:07 - 2013-04-24 16:04 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-28 13:05 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-28 13:01 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-28 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-28 10:43 - 2014-01-18 15:22 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D59412A2-7DDA-42B5-B436-4BD81043FA2C}
2014-12-28 10:41 - 2013-08-15 00:36 - 00000938 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001UA.job
2014-12-28 05:11 - 2013-11-13 23:18 - 00095570 _____ () C:\WINDOWS\PFRO.log
2014-12-28 04:32 - 2013-12-25 16:41 - 00000000 ____D () C:\Users\derya
2014-12-28 04:01 - 2013-09-30 22:02 - 00000284 _____ () C:\Users\derya\AppData\Roaming\WB.CFG
2014-12-28 01:48 - 2013-12-25 17:12 - 00001450 _____ () C:\Users\derya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-28 01:41 - 2013-08-15 00:36 - 00000916 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001Core.job
2014-12-27 23:52 - 2013-11-14 08:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-27 23:52 - 2013-11-14 08:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-27 23:52 - 2013-11-14 08:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-27 23:50 - 2013-08-22 15:46 - 00292865 _____ () C:\WINDOWS\setupact.log
2014-12-27 23:05 - 2014-01-05 15:09 - 00000000 ____D () C:\Update
2014-12-27 23:04 - 2012-10-31 04:45 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-27 23:03 - 2012-10-31 04:17 - 00000000 ____D () C:\Program Files\Sony
2014-12-27 23:02 - 2014-07-01 16:35 - 00000000 ____D () C:\ProgramData\Sony
2014-12-27 23:01 - 2014-03-03 23:01 - 00013792 _____ () C:\WINDOWS\system32\Drivers\semav6thermal64ro.sys
2014-12-27 22:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-27 22:51 - 2013-04-24 16:13 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-27 22:45 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-12-27 22:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-12-27 22:43 - 2012-10-31 04:29 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-27 22:42 - 2013-12-25 16:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-12-27 22:42 - 2013-08-22 15:46 - 00002002 _____ () C:\WINDOWS\setuperr.log
2014-12-27 22:42 - 2013-04-24 15:41 - 00000000 ____D () C:\Users\derya\Documents\Bluetooth Folder
2014-12-27 22:38 - 2012-10-31 04:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-27 22:31 - 2013-09-30 21:04 - 00000000 ____D () C:\Program Files\DivX
2014-12-27 22:31 - 2013-09-30 21:02 - 00000000 ____D () C:\ProgramData\DivX
2014-12-27 22:31 - 2013-09-30 21:02 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-27 16:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-27 16:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-27 00:46 - 2013-04-29 20:06 - 00000000 ____D () C:\output
2014-12-26 12:01 - 2014-06-24 19:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-18 20:31 - 2013-04-24 17:15 - 00000000 ____D () C:\Users\derya\AppData\Local\Spotify
2014-12-12 14:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-12 12:42 - 2012-10-31 05:01 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-12 06:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 06:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 06:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 05:52 - 2013-04-26 20:27 - 00000000 ____D () C:\Users\derya\AppData\Roaming\Skype
2014-12-12 04:47 - 2013-08-14 10:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 04:37 - 2013-04-25 11:22 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 00:00 - 2013-10-19 23:24 - 00000000 ____D () C:\Users\derya\Desktop\rachel
2014-12-08 23:47 - 2013-11-10 15:58 - 00000000 ____D () C:\Users\derya\Desktop\antonia
2014-12-08 23:47 - 2013-06-02 12:14 - 00000000 ____D () C:\Users\derya\Desktop\kristen
Some content of TEMP:
====================
C:\Users\derya\AppData\Local\Temp\BackupSetup.exe
C:\Users\derya\AppData\Local\Temp\DivX.Web.Player.Installer__8420_i1432837035_il29559.exe
C:\Users\derya\AppData\Local\Temp\DivXSetup.exe
C:\Users\derya\AppData\Local\Temp\dlLogic.exe
C:\Users\derya\AppData\Local\Temp\EnableExtDll.dll
C:\Users\derya\AppData\Local\Temp\IminentSetup-NewVer_22april.exe
C:\Users\derya\AppData\Local\Temp\mp3el2.exe
C:\Users\derya\AppData\Local\Temp\nsdABF0.exe
C:\Users\derya\AppData\Local\Temp\nsk970F.exe
C:\Users\derya\AppData\Local\Temp\nslBC6.exe
C:\Users\derya\AppData\Local\Temp\nsmA74C.exe
C:\Users\derya\AppData\Local\Temp\nsrF438.exe
C:\Users\derya\AppData\Local\Temp\nsvF197.exe
C:\Users\derya\AppData\Local\Temp\nsx919F.exe
C:\Users\derya\AppData\Local\Temp\nsz741.exe
C:\Users\derya\AppData\Local\Temp\openssl.exe
C:\Users\derya\AppData\Local\Temp\optprosetup.exe
C:\Users\derya\AppData\Local\Temp\prismsetup.exe
C:\Users\derya\AppData\Local\Temp\Quarantine.exe
C:\Users\derya\AppData\Local\Temp\sdfEC8C.exe
C:\Users\derya\AppData\Local\Temp\setup.exe
C:\Users\derya\AppData\Local\Temp\SkypeSetup.exe
C:\Users\derya\AppData\Local\Temp\sp-downloader.exe
C:\Users\derya\AppData\Local\Temp\SPSetup.exe
C:\Users\derya\AppData\Local\Temp\sqlite3.dll
C:\Users\derya\AppData\Local\Temp\tmd_34018450.exe
C:\Users\derya\AppData\Local\Temp\tmp5BB1.exe
C:\Users\derya\AppData\Local\Temp\tmp7C2C.exe
C:\Users\derya\AppData\Local\Temp\tu17p84.exe
C:\Users\derya\AppData\Local\Temp\uninst1.exe
C:\Users\derya\AppData\Local\Temp\vcredist_x64.exe
C:\Users\derya\AppData\Local\Temp\x264enc5.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-27 21:44
==================== End Of Log ============================
--- --- ---
FRST Additions Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2014
Ran by derya at 2014-12-28 13:40:50
Running from C:\Users\derya\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Click Caption 1.10.0.5 (HKLM-x32\...\ClickCaption_1.10.0.5) (Version: 1.10.0.5 - ClickCaption) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
DizzyDing (HKLM\...\DizzyDing) (Version: 2014.12.28.012244 - DizzyDing) <==== ATTENTION!
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.39.604 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Free YouTube Uploader version 4.0.12.415 (HKLM-x32\...\Free YouTube Uploader_is1) (Version: 4.0.12.415 - DVDVideoSoft Ltd.)
GIF Construction Set Professional 4 (HKLM-x32\...\{2C49CB68-C654-11DF-87E7-FB37E0D72085}) (Version: 4.0.0.32 - Alchemy Mindworks)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
Spotify (HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
Unity Web Player (HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.33 - NCH Software)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-525407912-4045976023-3324896752-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\derya\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
12-12-2014 04:29:53 Windows Update
15-12-2014 23:44:09 Windows Update
19-12-2014 13:16:46 Windows Update
27-12-2014 16:46:15 Konfiguriert PowerDVD
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0277D0EB-1FCA-4404-B67E-17BB559A08C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {0731F49B-1010-4A21-9AE4-B61E48C8E301} - System32\Tasks\{FB6262E9-7068-405C-A450-B9728F2BB8F5} => pcalua.exe -a "C:\Program Files (x86)\TuneUp Utilities 2013\TUInstallHelper.exe" -c --Trigger-Uninstall
Task: {085C92B0-55B4-40EA-835D-A4FB9745A60B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001Core => C:\Users\derya\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15] (Facebook Inc.)
Task: {10380A9E-0AFC-4137-AA3B-2DA2B739DEEC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {103C9D3C-C9A3-4F6F-947C-E121040F3500} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {15C1AF22-AC9E-4F26-B43F-B222C1267C87} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {1E0375E4-07A1-4ED5-94B0-968B97A56FB7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {1EFB8B5B-455D-4C0B-89DB-5504FE8D9078} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {1F1FFBBA-90CC-4110-91BE-20443FC127A6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001UA => C:\Users\derya\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15] (Facebook Inc.)
Task: {208EA284-9129-4220-AC20-DECD17117AEF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {20A9711C-2D98-499B-8ADE-D611B1B852AD} - System32\Tasks\{3493F740-68E8-4D96-A9BC-9915693ED156} => Chrome.exe Skype für den Desktop herunterladen
Task: {30515C7E-8821-455B-AC8C-10763E97ED4D} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {30D1571D-77C8-45CF-8231-C32756D7EF9B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {36138E8C-3A18-473D-8806-FDD9E9C2D8D2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-26] (AVAST Software)
Task: {382A6A2C-1543-4B0F-902A-6438E0D63CC7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {3A20C8C1-81FF-4C1D-A3AF-2F928BDC286B} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {3D8C2E5D-75DC-4F35-8E4E-E1A663A6ABC0} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3E206FA7-9F63-4F1A-980B-073987E124E2} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {5A5A014D-CE38-4F61-AC21-3961B66D87EF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E630DA0-17C5-4C13-9F17-851C0D3BE452} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {5F209E3C-D722-421C-A133-0745406DD387} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {60629424-97A2-4081-99F9-DD7490111C18} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {63596347-2F6F-461D-8B5D-A343882623CC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {63B300D0-95E3-42E5-A1B4-5A1B92D55594} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {65B8C83E-325E-4142-98A7-861A41B70F72} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {799D5F8E-5A21-4D17-8D76-6FE11BF7D698} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {928B18E9-74B7-49A2-8471-0E86382BDABD} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-24] (Sony Corporation)
Task: {9C7B5036-F1E7-4556-B526-F1D328439260} - System32\Tasks\{020032A9-26C4-4A98-9A29-DD86C745E95E} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {ABFECE39-52BB-4950-BF10-E1147C570C58} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VAIO-derya VAIO => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {ADF98700-E3B6-404B-9B4D-93912A2A770D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AF481C7C-9140-44AA-A9FE-EBDCADCB80BB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B331704E-E23D-4855-838B-B13E1203196E} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B5C86874-743A-4237-B89F-1341EA83F3F0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {B727B0D7-ED78-4525-B946-B25900572F07} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-525407912-4045976023-3324896752-1001
Task: {C655A850-C846-4C6A-950B-916B1379B583} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {CCD7A2C8-142E-46C6-842B-918AF2F6BD86} - System32\Tasks\Installer_iwebar => C:\Users\derya\AppData\Local\Installer\Installiwebar_2898\DCytdieamo_amodc_setup.exe [2014-12-27] () <==== ATTENTION
Task: {D029D07F-4C01-43FA-B737-76A877C6B5AE} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {DB482FAA-2154-4819-8EFC-3013D67F4C6E} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {DC40A5E6-5F71-46F8-A6C6-7ACFEA600BBC} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {E5471E7F-5260-4A31-89C3-B6DE35C7D4A9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E89C8FD5-248A-481E-8EB8-8CEC3A3733E4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-525407912-4045976023-3324896752-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {EAED3A0F-7DB0-4969-A3C0-9D0797120F32} - System32\Tasks\Installer_cr => C:\Users\derya\AppData\Local\Installer\Installcr_1672\DCytdieamo_amodc_setup.exe [2014-12-27] () <==== ATTENTION
Task: {EAF10A56-D24A-4B2C-B0D4-0DFF249CA50F} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
Task: {F604E89B-A5EA-4A3F-96E8-B63B639A4090} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001Core.job => C:\Users\derya\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-525407912-4045976023-3324896752-1001UA.job => C:\Users\derya\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2014-06-24 19:53 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-28 21:35 - 2013-11-28 21:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 21:32 - 2013-11-28 21:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 21:38 - 2013-11-28 21:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-28 21:38 - 2013-11-28 21:38 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-11-28 21:28 - 2013-11-28 21:28 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-09-24 13:06 - 2014-12-12 12:31 - 00374840 _____ () C:\Users\derya\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-12-27 16:12 - 2014-12-27 16:12 - 01185664 _____ () C:\Users\derya\AppData\Local\Installer\Installcr_1672\DCytdieamo_amodc_setup.exe
2014-12-27 16:12 - 2014-12-27 16:12 - 01185664 _____ () C:\Users\derya\AppData\Local\Installer\Installiwebar_2898\DCytdieamo_amodc_setup.exe
2014-12-28 10:43 - 2014-12-28 10:43 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122800\algo.dll
2013-04-24 17:15 - 2014-12-12 12:31 - 36966968 _____ () C:\Users\derya\AppData\Roaming\Spotify\Data\libcef.dll
2013-11-30 18:52 - 2013-11-30 18:52 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-08 15:54 - 2014-12-12 12:31 - 00867896 _____ () C:\Users\derya\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-24 13:06 - 2014-12-12 12:31 - 00886840 _____ () C:\Users\derya\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 13:06 - 2014-12-12 12:31 - 00108600 _____ () C:\Users\derya\AppData\Roaming\Spotify\Data\libegl.dll
2012-10-31 04:36 - 2012-08-06 18:54 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-14 13:46 - 2014-11-14 13:46 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\derya\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\derya\Downloads\DivX.Web.Player.Installer__8420_i1432837035_il29559.exe:typelib
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-525407912-4045976023-3324896752-1001\...\StartupApproved\Run: => "Skype"
========================= Accounts: ==========================
Administrator (S-1-5-21-525407912-4045976023-3324896752-500 - Administrator - Disabled)
derya (S-1-5-21-525407912-4045976023-3324896752-1001 - Administrator - Enabled) => C:\Users\derya
Gast (S-1-5-21-525407912-4045976023-3324896752-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-525407912-4045976023-3324896752-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/28/2014 01:09:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
Error: (12/28/2014 01:07:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x11e4
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
Error: (12/28/2014 01:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffafdcdab71
ID des fehlerhaften Prozesses: 0x16b4
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5
Error: (12/28/2014 01:01:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (12/28/2014 05:44:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1368
Startzeit: 01d02258920f59ea
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: 3dd854ec-8e4c-11e4-befd-a41731c9d314
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (12/28/2014 05:14:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x15d4
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
Error: (12/28/2014 05:13:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x1314
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
Error: (12/28/2014 05:10:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DeviceAssociationService, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x1a8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DeviceAssociationService0
Pfad der fehlerhaften Anwendung: svchost.exe_DeviceAssociationService1
Pfad des fehlerhaften Moduls: svchost.exe_DeviceAssociationService2
Berichtskennung: svchost.exe_DeviceAssociationService3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DeviceAssociationService4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DeviceAssociationService5
Error: (12/28/2014 04:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x11b8
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
Error: (12/28/2014 04:35:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.0.0.8170, Zeitstempel: 0x502ea187
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x6b4
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5
System errors:
=============
Error: (12/28/2014 01:40:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:23:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:11:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:11:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:10:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:10:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:10:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (12/28/2014 01:10:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Microsoft Office Sessions:
=========================
Error: (12/28/2014 01:09:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0515e801d0229725259bbdC:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL63f7c99e-8e8a-11e4-befe-a41731c9d314
Error: (12/28/2014 01:07:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0511e401d02296dd9b4dbfC:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL1de048ce-8e8a-11e4-befe-a41731c9d314
Error: (12/28/2014 01:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffafdcdab7116b401d0225583a0c05eC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown32bcaa35-8e89-11e4-befd-a41731c9d314
Error: (12/28/2014 01:01:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei VCAgent.App.Main()
Error: (12/28/2014 05:44:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031136801d02258920f59ea4294967295C:\WINDOWS\syswow64\wwahost.exe3dd854ec-8e4c-11e4-befd-a41731c9d314Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (12/28/2014 05:14:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0515d401d02254cb8baa24C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL09f5f78a-8e48-11e4-befd-a41731c9d314
Error: (12/28/2014 05:13:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f05131401d022549ed56d94C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLLdff77640-8e47-11e4-befd-a41731c9d314
Error: (12/28/2014 05:10:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DeviceAssociationService6.3.9600.163845215dfe3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c1a801d0224f28067995C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll6cfbf869-8e47-11e4-befc-a41731c9d314
Error: (12/28/2014 04:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0511b801d0224f94f2b219C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLLd3457086-8e42-11e4-befc-a41731c9d314
Error: (12/28/2014 04:35:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.0.0.8170502ea187SynCom.DLL6.3.9600.1727853eeb4a3c000013500098f056b401d0224f60a6def3C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLLa2891311-8e42-11e4-befc-a41731c9d314
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3973.28 MB
Available physical RAM: 2184.43 MB
Total Pagefile: 6405.28 MB
Available Pagefile: 4296.72 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:267.76 GB) (Free:165.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 765EFBF8)
Partition: GPT Partition Type.
==================== End Of Log ============================
--- --- ---
__________________ 
28.12.2014, 13:30
danke im Voraus. 
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ 
dann auf 
und dann auf 
. 
Linear-Darstellung
