FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Karisha (administrator) on KARISHA-VAIO on 28-01-2015 21:50:09
Running from C:\Users\Karisha\Downloads
Loaded Profiles: Karisha (Available profiles: Karisha)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-11-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Alwil Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3543711794-1013096970-3546453479-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [72192 2009-10-15] (Sony Corporation)
HKU\S-1-5-21-3543711794-1013096970-3546453479-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3543711794-1013096970-3546453479-1000\...\Run: [GoogleChromeAutoLaunch_AC63ACD39F92D9EFD98123C4FCC1E38F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-25] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe [854704 2014-10-27] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3543711794-1013096970-3546453479-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3543711794-1013096970-3546453479-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
Toolbar: HKU\S-1-5-21-3543711794-1013096970-3546453479-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3543711794-1013096970-3546453479-1000 -> Ñïóòíèê@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default
FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Homepage: hxxp://www.netflix.com/WiHome?locale=de-DE
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Karisha\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\abs@avira.com [2014-12-12]
FF Extension: winservice86 - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\taylorralston@hotmail.com [2014-09-25]
FF Extension: DownloadHelper - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-26]
FF Extension: CSHelper - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2012-04-02]
FF Extension: CouponDownloader - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\j004-efxyrmbzyotmaw@jetpack.xpi [2014-07-28]
FF Extension: Adblock Plus - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-10-12]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-03-13]
FF HKLM-x32\...\Firefox\Extensions: [{6932677A-68AF-46F1-AAD8-DBB10A1D30B8}] - C:\Windows\Installer\{A604162A-7843-41B7-BA4C-2B66435C1348}\{6932677A-68AF-46F1-AAD8-DBB10A1D30B8}.xpi
FF Extension: No Name - C:\Windows\Installer\{A604162A-7843-41B7-BA4C-2B66435C1348}\{6932677A-68AF-46F1-AAD8-DBB10A1D30B8}.xpi [2014-07-21]
FF Extension: No Name - C:\Users\Karisha\AppData\Roaming\Mozilla\Firefox\Profiles\qgpfajj7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-30]
CHR Extension: (Google Docs) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-30]
CHR Extension: (Google Drive) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-30]
CHR Extension: (YouTube) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-02]
CHR Extension: (Google-Suche) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-02]
CHR Extension: (Video Downloader professional) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-01-23]
CHR Extension: (Google Tabellen) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-30]
CHR Extension: (Download Helper) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjlohfdjcjhmfcabomglnciodlnplhk [2015-01-23]
CHR Extension: (Avira Browserschutz) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-13]
CHR Extension: (Google Wallet) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-30]
CHR Extension: (Google Mail) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-02]
CHR Extension: (Download Helper) - C:\Users\Karisha\AppData\Local\Google\Chrome\User Data\Default\Extensions\plakpcmpdoljmbpbndlkanblnchogifl [2015-01-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - No Path
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
Opera:
=======
OPR Extension: (winservice86) - C:\Users\Karisha\AppData\Roaming\Opera Software\Opera Stable\Extensions\onhcengeacabehdkdhbdcigfolmmakof [2014-09-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation)
R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Verifies and fixes application compatibility issues; C:\Users\Karisha\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-25] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-07-05] (Mobile Connector) [File not signed]
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [42600 2010-11-12] (RapidSolution Software AG)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\drivers\btwrchid.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-28 21:50 - 2015-01-28 21:51 - 00025199 ____C () C:\Users\Karisha\Downloads\FRST.txt
2015-01-28 21:49 - 2015-01-28 21:50 - 00000000 ___DC () C:\FRST
2015-01-28 21:48 - 2015-01-28 21:48 - 02130432 ____C (Farbar) C:\Users\Karisha\Downloads\FRST64.exe
2015-01-27 21:06 - 2015-01-27 21:06 - 00001310 ____C () C:\Users\Karisha\Desktop\JRT.txt
2015-01-27 20:59 - 2015-01-27 20:59 - 00000000 ___DC () C:\Windows\ERUNT
2015-01-27 20:33 - 2015-01-27 20:42 - 00000000 ___DC () C:\AdwCleaner
2015-01-26 18:05 - 2015-01-26 18:26 - 00000000 ___DC () C:\Users\Karisha\Desktop\sachenR
2015-01-26 17:57 - 2015-01-26 17:58 - 00001772 ____C () C:\Windows\SysWOW64\${LOGFILE}
2015-01-26 16:22 - 2015-01-26 16:22 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2015-01-26 16:21 - 2015-01-26 20:21 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-26 16:21 - 2015-01-26 17:38 - 00136408 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 16:12 - 2015-01-26 19:01 - 00000000 ___DC () C:\Users\Karisha\Desktop\mbar
2015-01-26 16:12 - 2015-01-26 17:37 - 00097496 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-26 11:33 - 2015-01-26 11:33 - 00041559 ____C () C:\ComboFix.txt
2015-01-26 10:58 - 2011-06-26 07:45 - 00256000 ____C () C:\Windows\PEV.exe
2015-01-26 10:58 - 2010-11-07 18:20 - 00208896 ____C () C:\Windows\MBR.exe
2015-01-26 10:58 - 2009-04-20 05:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2015-01-26 10:58 - 2000-08-31 01:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2015-01-26 10:58 - 2000-08-31 01:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2015-01-26 10:58 - 2000-08-31 01:00 - 00098816 ____C () C:\Windows\sed.exe
2015-01-26 10:58 - 2000-08-31 01:00 - 00080412 ____C () C:\Windows\grep.exe
2015-01-26 10:58 - 2000-08-31 01:00 - 00068096 ____C () C:\Windows\zip.exe
2015-01-26 10:50 - 2015-01-26 11:33 - 00000000 ___DC () C:\Qoobox
2015-01-26 10:48 - 2015-01-26 11:29 - 00000000 ___DC () C:\Windows\erdnt
2015-01-25 11:25 - 2015-01-25 11:26 - 00000000 ___DC () C:\Users\Karisha\Desktop\Sch.R.AT
2015-01-24 15:52 - 2015-01-24 15:52 - 00000000 ___DC () C:\Users\Karisha\Documents\My Weblog Posts
2015-01-23 22:16 - 2015-01-23 22:16 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-21 21:05 - 2015-01-21 21:05 - 00003284 ____C () C:\Windows\System32\Tasks\vVBTIdcPapPPO4a
2015-01-21 21:05 - 2015-01-21 21:05 - 00003244 ____C () C:\Windows\System32\Tasks\j4LPy2qKXa5bPOf
2015-01-21 21:05 - 2015-01-21 21:05 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\JCdyPOQ
2015-01-21 21:04 - 2015-01-21 21:05 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\DPFThlk
2015-01-17 23:48 - 2015-01-17 23:48 - 00276480 ____C () C:\Windows\Minidump\011715-48765-01.dmp
2015-01-17 22:48 - 2015-01-17 23:47 - 335111886 _____ () C:\Windows\MEMORY.DMP
2015-01-17 22:48 - 2015-01-17 22:48 - 00276480 ____C () C:\Windows\Minidump\011715-35583-01.dmp
2015-01-16 19:59 - 2015-01-16 19:59 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-16 19:59 - 2015-01-16 19:59 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Adobe
2015-01-16 19:59 - 2015-01-16 19:59 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-16 19:59 - 2015-01-16 19:59 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-14 00:07 - 2015-01-14 00:08 - 00000000 ___DC () C:\3d08587709e0f4fb723e6bf48492
2015-01-13 21:45 - 2015-01-14 09:42 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 21:45 - 2015-01-14 09:42 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 21:45 - 2015-01-14 09:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 21:45 - 2015-01-14 09:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 21:45 - 2015-01-14 09:42 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 21:45 - 2015-01-14 09:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 21:45 - 2015-01-14 09:41 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 21:45 - 2015-01-14 09:41 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 21:45 - 2015-01-14 09:41 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 21:45 - 2015-01-14 09:41 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 21:45 - 2015-01-14 09:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 21:45 - 2015-01-14 09:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 21:45 - 2015-01-14 09:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 21:13 - 2015-01-27 09:55 - 00000112 ____C () C:\ProgramData\8olDb1.dat
2015-01-10 22:11 - 2015-01-10 22:54 - 00011318 ____C () C:\Users\Karisha\Desktop\Gästeliste.xlsx
2015-01-09 16:19 - 2015-01-27 20:47 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\Compatibility Verifier
2015-01-07 20:50 - 2015-01-16 22:58 - 00000000 ___DC () C:\Users\Karisha\Desktop\Hochzeitskram
2015-01-07 12:34 - 2015-01-16 12:08 - 00002441 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-07 12:24 - 2015-01-07 12:24 - 00000000 ___DC () C:\ProgramData\Visan
2015-01-07 12:24 - 2015-01-07 12:24 - 00000000 ___DC () C:\ProgramData\HP Photo Creations
2015-01-07 12:24 - 2015-01-07 12:24 - 00000000 ___DC () C:\Program Files (x86)\HP Photo Creations
2015-01-07 12:24 - 2015-01-07 12:24 - 00000000 ___DC () C:\Program Files (x86)\Hewlett-Packard
2015-01-07 12:23 - 2015-01-14 18:41 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\HpUpdate
2015-01-07 12:23 - 2015-01-07 12:24 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-07 12:23 - 2014-03-06 12:51 - 00763912 ____C (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMC211.dll
2015-01-07 12:22 - 2015-01-07 12:23 - 00000000 ___DC () C:\Program Files (x86)\HP
2015-01-07 12:22 - 2015-01-07 12:22 - 00000000 ___DC () C:\ProgramData\HP
2015-01-07 12:22 - 2015-01-07 12:22 - 00000000 ___DC () C:\Program Files\HP
2015-01-07 12:21 - 2015-01-07 12:21 - 00000057 ____C () C:\ProgramData\Ament.ini
2015-01-07 12:18 - 2015-01-07 12:24 - 00000000 ___DC () C:\Users\Karisha\AppData\Local\HP
2015-01-03 00:07 - 2015-01-03 00:07 - 00000000 ___DC () C:\Users\Karisha\AppData\Local\PDF24
2015-01-03 00:06 - 2015-01-03 00:07 - 00000000 ___DC () C:\Program Files (x86)\PDF24
2015-01-03 00:06 - 2015-01-03 00:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-12-29 06:58 - 2014-12-29 06:58 - 00003142 ____C () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-12-29 06:58 - 2014-12-29 06:58 - 00002027 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2014-12-29 06:58 - 2014-12-29 06:58 - 00000000 _RHDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-28 21:34 - 2014-11-30 21:29 - 00001112 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 21:34 - 2014-11-30 21:29 - 00001108 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 21:28 - 2010-10-26 16:15 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\Skype
2015-01-28 21:16 - 2009-07-14 05:45 - 00022976 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 21:16 - 2009-07-14 05:45 - 00022976 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 21:13 - 2012-05-11 09:32 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-28 21:13 - 2010-10-26 15:34 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{660DB8BD-2C6B-4104-91C9-D41FBE50F72A}
2015-01-28 21:13 - 2010-10-26 11:33 - 01398925 ____C () C:\Windows\WindowsUpdate.log
2015-01-28 21:10 - 2014-11-02 17:51 - 00001145 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-01-28 21:00 - 2014-12-13 00:11 - 00006888 ____C () C:\Windows\setupact.log
2015-01-28 21:00 - 2014-06-28 11:41 - 00000000 ___DC () C:\Users\Karisha\AppData\Local\Adobe
2015-01-28 21:00 - 2011-03-10 17:00 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-28 21:00 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2015-01-27 20:47 - 2011-06-26 20:45 - 00435800 ____C () C:\Windows\PFRO.log
2015-01-27 20:42 - 2014-06-12 14:27 - 00001064 ____C () C:\Users\Karisha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-27 20:42 - 2010-10-26 15:33 - 00000999 ____C () C:\Users\Karisha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-27 20:41 - 2010-10-26 15:26 - 00000000 ___DC () C:\Users\Karisha
2015-01-27 08:49 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\tracing
2015-01-26 11:33 - 2009-07-14 04:20 - 00000000 _RHDC () C:\Users\Default
2015-01-26 11:24 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2015-01-26 10:53 - 2014-10-24 08:46 - 00000000 ___DC () C:\ProgramData\Package Cache
2015-01-26 10:52 - 2013-02-16 23:09 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-26 10:52 - 2013-02-16 23:09 - 00000000 ___DC () C:\ProgramData\Avira
2015-01-26 10:52 - 2013-02-16 23:09 - 00000000 ___DC () C:\Program Files (x86)\Avira
2015-01-24 21:54 - 2010-10-26 12:20 - 00704084 ____C () C:\Windows\system32\perfh007.dat
2015-01-24 21:54 - 2010-10-26 12:20 - 00151890 ____C () C:\Windows\system32\perfc007.dat
2015-01-24 21:54 - 2009-07-14 06:13 - 01632564 ____C () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 23:15 - 2009-12-17 14:04 - 00000000 __HDC () C:\Users\Karisha\AppData\Local\UadYLvgCeMmOb
2015-01-23 11:44 - 2010-08-23 23:25 - 00000000 ___DC () C:\Users\Karisha\Documents\Uni
2015-01-23 11:41 - 2014-12-19 16:18 - 00000000 ___DC () C:\Users\Karisha\Desktop\Neuer Ordner
2015-01-21 21:05 - 2014-11-22 12:11 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\nYSnpYo
2015-01-17 23:48 - 2012-01-07 15:38 - 00000000 ___DC () C:\Windows\Minidump
2015-01-16 12:39 - 2013-08-06 19:07 - 00000000 ___DC () C:\Users\Karisha\Documents\Unterlagen
2015-01-14 00:08 - 2013-07-17 11:48 - 00000000 ___DC () C:\Windows\system32\MRT
2015-01-14 00:08 - 2010-10-30 23:15 - 113365784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 20:51 - 2010-10-26 11:30 - 00000000 ___DC () C:\ProgramData\Adobe
2015-01-08 16:28 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 09:55 - 2011-01-27 22:59 - 00298120 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-07 21:25 - 2010-10-26 15:35 - 00000000 ___DC () C:\Users\Karisha\AppData\Roaming\Adobe
2015-01-07 12:33 - 2010-10-30 12:06 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2015-01-05 21:19 - 2011-06-04 09:57 - 00000000 __RDC () C:\Program Files (x86)\Skype
2015-01-05 21:19 - 2010-10-26 16:08 - 00000000 ___DC () C:\ProgramData\Skype
2014-12-30 22:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-29 06:58 - 2010-11-04 09:03 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-12-29 06:58 - 2010-10-26 12:21 - 00000000 ___DC () C:\Program Files\Sony
2014-12-29 06:58 - 2010-10-26 11:29 - 00000000 ___DC () C:\Program Files (x86)\SONY
2014-12-29 06:56 - 2014-10-19 13:21 - 00013792 ____C () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-12-29 06:53 - 2010-11-02 00:09 - 00000000 ___DC () C:\Update
==================== Files in the root of some directories =======
2013-12-11 20:32 - 2013-12-11 20:32 - 0005096 ___HC () C:\Users\Karisha\AppData\Roaming\body2.html
2012-06-03 19:01 - 2013-06-09 21:58 - 0000120 ____C () C:\Users\Karisha\AppData\Roaming\Camdata.ini
2012-06-03 19:01 - 2013-06-09 21:58 - 0000408 ____C () C:\Users\Karisha\AppData\Roaming\CamLayout.ini
2012-06-03 19:01 - 2013-06-09 21:58 - 0000408 ____C () C:\Users\Karisha\AppData\Roaming\CamShapes.ini
2012-06-03 19:00 - 2013-06-09 21:58 - 0004416 ____C () C:\Users\Karisha\AppData\Roaming\CamStudio.cfg
2014-01-01 18:47 - 2014-07-19 08:38 - 0000125 ____C () C:\Users\Karisha\AppData\Roaming\WB.CFG
2011-01-13 23:59 - 2011-01-13 23:59 - 0000000 ____C () C:\Users\Karisha\AppData\Roaming\wklnhst.dat
2011-05-01 15:49 - 2012-01-09 15:51 - 0003584 ____C () C:\Users\Karisha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 18:30 - 2014-12-14 12:21 - 0000041 ____C () C:\Users\Karisha\AppData\Local\recently-fix.db
2011-05-19 15:38 - 2011-05-19 16:58 - 0000000 ____C () C:\Users\Karisha\AppData\Local\{9088BB87-BC6A-4711-9B1A-E1DC8061D2BC}
2015-01-13 21:13 - 2015-01-27 09:55 - 0000112 ____C () C:\ProgramData\8olDb1.dat
2015-01-07 12:21 - 2015-01-07 12:21 - 0000057 ____C () C:\ProgramData\Ament.ini
2014-10-17 20:34 - 2014-10-17 20:34 - 0000000 ___HC () C:\ProgramData\DP45977C.lfl
2010-10-26 16:16 - 2011-03-11 05:59 - 0000048 ___HC () C:\ProgramData\ezsidmv.dat
2011-12-30 22:41 - 2011-12-30 22:41 - 0000003 ____C () C:\ProgramData\MusicStation.log
2011-12-30 22:40 - 2011-12-30 22:40 - 0000221 ____C () C:\ProgramData\MusicStation.xml
Files to move or delete:
====================
C:\ProgramData\8olDb1.dat
Some content of TEMP:
====================
C:\Users\Karisha\AppData\Local\Temp\Quarantine.exe
C:\Users\Karisha\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-24 11:42
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Karisha at 2015-01-28 21:51:49
Running from C:\Users\Karisha\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe After Effects CS5.5 (HKLM-x32\...\{CB04D8E1-7B9C-4F35-B2E2-E87CBE520805}) (Version: 10.5.1 - Adobe Systems Incorporated)
Adobe After Effects CS5.5 Third Party Content (HKLM-x32\...\{BE9C28A5-2098-466E-9F52-1AE9DA155E4F}) (Version: 10.5.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.4 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco AnyConnect VPN Client (HKLM-x32\...\{44257960-C5CC-45BA-8E83-524E4A0F3FD5}) (Version: 2.5.3054 - Cisco Systems, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Click to Disc MergeModules x64 (Version: 1.0.14230 - Sony Corporation) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Einstellungen für VAIO-Inhaltsüberwachung (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.0.545 - Evernote Corp.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2040 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Java(TM) 6 Update 16 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 38 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216038FF}) (Version: 6.0.380 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.1.11200 - Sony Corporation)
Media Gallery (x32 Version: 1.1.1.11200 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\{AB259D46-F851-41B0-9AFA-AED8998AD68A}) (Version: 2.0.0.1067 - Omnifone)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.2.00.16060 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.2.00.16060 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.2.00.15250 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.2.00.15250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.2.00.15250 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.2.00.15250 - Sony Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.10160 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.10160 - Sony Corporation) Hidden
Sony Mobile Update Service (HKLM-x32\...\Update Service) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.228 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.228 - Sony)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.1.00.15050 - Sony Corporation)
VAIO Energie Verwaltung (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.12010 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 1.0.0.10290 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.10160 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.2.00.15250 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Original Funktion Einstellungen (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
VAIO Premium Partners (HKLM-x32\...\VAIO Premium Partners) (Version: 1.0 - Sony Europe)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.1.7 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.3.1.7 - Sony Corporation) Hidden
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-01-2015 16:23:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
09-01-2015 16:29:02 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
13-01-2015 21:44:19 Windows Update
14-01-2015 00:05:22 Windows Update
14-01-2015 09:38:54 Windows Update
14-01-2015 22:32:54 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
20-01-2015 20:51:18 Windows Update
26-01-2015 10:58:43 ComboFix created restore point
26-01-2015 17:23:31 Malwarebytes Anti-Rootkit Restore Point
27-01-2015 19:51:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-04-18 14:47 - 2012-04-18 14:51 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05075F0B-83D4-42B7-A0FD-1B10183EAAEB} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {0AF4779C-1D56-4E44-B45F-9AA4D0A63508} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {0BE0C7EE-1C69-41A9-8329-E2121B48F65B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {127E0018-5B30-46EB-86C3-9C2516CBBEF0} - System32\Tasks\{CEF8779D-BDFD-44C9-BE03-E70DC6525CAE} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {13E62536-EE15-46B4-B968-DB05D28FDF6F} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Karisha => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
Task: {15302AE8-22C2-42D0-8D01-EE4ADD2A5D41} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {1668C72E-D34A-448E-B2F6-E80E5EA2E598} - System32\Tasks\{1A19A426-1C7F-46DF-A1DF-0EDBB6789242} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {182B3027-AF78-445E-BB60-9C542951C014} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {18C8A374-B537-4101-96DC-B845C9CB1BA5} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1D2AC377-6F4F-4B9C-8112-9E5B4CF9B03A} - System32\Tasks\Java => C:\Program Files\Java\jre6\bin\jusched.exe [2010-10-26] (Sun Microsystems, Inc.)
Task: {2195D810-363F-4A9E-B47A-2F493DAC13FE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17] (Sun Microsystems, Inc.)
Task: {219682F3-7F62-4432-85B3-E6B163DD63EC} - System32\Tasks\{9D54C562-C432-4BD3-8AD8-B08427327917} => pcalua.exe -a C:\Users\Karisha\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=tugs -simple=0 <==== ATTENTION
Task: {21C5175D-9498-4313-84BE-E3F67A997009} - System32\Tasks\{27E813BC-5EC0-4E4C-B214-BC1A94C2F645} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {22D6D88B-1823-4934-BCF3-78033C442B82} - System32\Tasks\vVBTIdcPapPPO4a => C:\Users\Karisha\AppData\Roaming\JCdyPOQ\hFdwLtg.exe [2015-01-21] ( )
Task: {2435D03D-A69A-496E-BDFD-529DAF4E7C7B} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {2533662A-F4A6-4F4A-AA0E-216C4E70208A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)
Task: {2F0CED43-1C0F-4124-97C6-5999377F43B1} - System32\Tasks\{C14EFFF9-CF10-4313-B5DA-EBF42EFAAF07} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {31D02841-B88D-420E-84D5-65A056F7FF2F} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {33A464C0-57F5-4446-AA17-C57EAEF7C2B3} - System32\Tasks\WoElx8Sk2himMgB => C:\Users\Karisha\AppData\Roaming\nYSnpYo\AsRymkC.exe [2014-11-22] ( )
Task: {35931C15-1036-4219-99EF-ECD8C6AE15A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4967A4D2-8E9F-421E-8E1E-23848C3C137F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {50ABEEB8-2278-42AC-83D1-86F6175A9A3B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5AE692E6-EF6E-418D-90EA-728DA5ADAD44} - System32\Tasks\{91D1BC5F-8B81-4535-9757-8CF852E5492F} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {5B9ED25E-32C3-4880-9FBC-55A8BC9EDE6C} - System32\Tasks\{E161941C-5375-457B-BEFF-DE2E7F7906A9} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {61EDF456-C747-4841-90A2-6B70C0CBF056} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {665A5992-F4D0-4A7D-883D-C32BE1D355EB} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Karisha\AppData\Roaming\~gfovdwd.exe
Task: {6AC5BEFA-B0C5-4F4D-BF8E-DD9EA956520F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {6C45DC25-BEE5-4476-BE2B-8CAD7190F649} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {71420CBA-35B0-4D80-A67F-6B7FF97037C0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {75372E37-9B34-45F5-94D9-185808318598} - System32\Tasks\WIN-statsAdmin => C:\Users\Karisha\AppData\Local\Microsoft\WinU\~pqrhqlg.exe <==== ATTENTION
Task: {78CEC305-B2E6-4AA3-AD2E-9127FB3BD1B4} - System32\Tasks\TaskUserUpdate_wp => C:\Users\Karisha\AppData\Roaming\~fxbvecz.exe
Task: {78EB8A28-D45C-4ACC-9279-66EF87B8CD7F} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {7BE987E8-8CD2-4F2A-AC47-E62B0FEC10BE} - System32\Tasks\{D25BD29A-1B4B-4883-9D3B-A237E0FDDEC6} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {7FD563E0-A6D8-4513-A851-B521ABF0244A} - System32\Tasks\{E464EDF6-3E4B-433A-B877-E15AAF214A9E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {803C71B5-17C9-4E75-9AFF-1CC97984FBB3} - System32\Tasks\{477DCE99-7A71-4DB9-A7BE-20CBB6BFDBF8} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {82117109-C2A9-4A7A-87D9-66F1250ECD57} - System32\Tasks\AdobeAAMUpdater-1.0-Karisha-VAIO-Karisha => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {83973D8E-F647-48FB-B7CA-BDB15F8D2569} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {974990A5-32B3-4287-87B8-D62BE966AE66} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-27] (Adobe Systems Incorporated)
Task: {A0F91E99-F10F-4326-ABD7-A0668BCFF0C6} - System32\Tasks\{9C8639BE-21F2-442A-A529-9739404DF46D} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {A4B967FF-1B6D-4208-8056-15F85810776E} - System32\Tasks\{C43BBF1A-7E94-4C1A-8634-98D83E49F55A} => pcalua.exe -a "E:\CRACK\Alles für Version 1.08\FEAR-Uncutpatch-v1.08\FEAR_UCP108.exe" -d "E:\CRACK\Alles für Version 1.08\FEAR-Uncutpatch-v1.08"
Task: {B2535C04-9146-419A-A7B6-25B2AEE2775C} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {B25E6982-8B9D-4FF4-B9A7-B7C35E398FED} - System32\Tasks\WIN-statsSystem => C:\Users\Karisha\AppData\Local\Microsoft\WinU\~twwwrms.exe
Task: {B6368CBF-942F-4CD5-A2D7-D3609EE92B12} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {BB0961E1-2AC5-45AA-A0AC-374763D8D322} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {BD26388A-E52C-4980-A9FB-0AE23F7E843D} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {C7D9FB27-7B6A-4E9B-A404-35A2CD209519} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {CC851F2F-EE09-4361-B850-3ED691D69A50} - System32\Tasks\{D5800493-D99E-4693-8730-6F00D2592242} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {CE7AB280-ADEC-4330-B947-C1BD5353BE27} - System32\Tasks\{19FBCE18-F1DF-4E5C-A883-068A66EECA39} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {CF0F6D87-94D1-4680-ABC9-92F61FED3A70} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D31DA185-3504-4E6E-9B89-2B3DF173632F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D3427897-181E-4663-97E2-87D49C4E1797} - System32\Tasks\{FF9EB69E-C4CC-42E5-9AC4-873D093E7EC4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E9371097-B164-4ADA-B2E1-8D499650C94D} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {EDD11798-5E54-4093-9BB1-450EEDE2C143} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {EE6EE543-C1C3-411A-86CC-CCBA391D195C} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {EF323F56-9B5C-4E96-9EB2-192636BD6279} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)
Task: {F385DE9F-9187-4C21-AA82-55750F1544AA} - System32\Tasks\{E4329896-36B1-4D89-9DA7-BFD2654FD944} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F94A4093-0347-422B-93B1-5A394BF9BBA1} - System32\Tasks\{039A48BC-9832-428F-8206-53297C7519CA} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=-3
Task: {FB895C6D-EC94-4AF1-952D-F373567009A0} - System32\Tasks\{F82D2F3D-2F48-42C6-AB1A-878C9C6AEDBB} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {FC126209-FA78-4096-9A81-65B919D092E4} - System32\Tasks\{F1F5AECD-C2F0-487F-BE4E-9BCA045F0170} => E:\CRACK\Alles für Version 1.08\fear_update_engb_100-107_108.exe
Task: {FC521BC1-5B2F-4138-A70F-0FE959BFA34F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FDCB52BA-1B7F-41C0-B00A-54E83B528ECC} - System32\Tasks\j4LPy2qKXa5bPOf => C:\Users\Karisha\AppData\Roaming\DPFThlk\ISg9vP1.exe [2015-01-21] ( )
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-10-26 11:47 - 2009-10-15 15:34 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
2010-10-26 11:47 - 2009-12-01 21:03 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-10-26 11:47 - 2009-12-01 21:03 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2010-10-26 11:47 - 2009-10-15 15:34 - 00135168 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\Extension\MrsMpegParser.dll
2009-12-25 22:59 - 2009-11-21 00:19 - 00058880 ____C () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-10-26 11:49 - 2009-06-09 18:52 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
2015-01-27 20:18 - 2015-01-25 22:08 - 01117512 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 20:18 - 2015-01-25 22:08 - 00211272 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 20:18 - 2015-01-25 22:08 - 09170760 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\Users\Karisha\Cookies:DoUMDkcQCVziwZow8Xv4BpUni
AlternateDataStreams: C:\Users\Karisha\AppData\Local\UadYLvgCeMmOb:ArGSCYI82t0AOpQdavtm5Ye2AjJd
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Karisha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EKAIO2StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SHTtray.exe => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: V-bates => C:\Program Files\V-bates\notifier.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-3543711794-1013096970-3546453479-500 - Administrator - Disabled)
Gast (S-1-5-21-3543711794-1013096970-3546453479-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3543711794-1013096970-3546453479-1002 - Limited - Enabled)
Karisha (S-1-5-21-3543711794-1013096970-3546453479-1000 - Administrator - Enabled) => C:\Users\Karisha
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/28/2015 09:40:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (01/28/2015 09:06:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (01/28/2015 09:02:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VcmINSMgr erreicht.
Error: (01/28/2015 09:01:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VcmIAlzMgr erreicht.
Error: (01/28/2015 09:01:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VCFw erreicht.
Error: (01/28/2015 09:00:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.
Error: (01/28/2015 08:40:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612
Error: (01/28/2015 08:37:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/28/2015 08:37:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.
Error: (01/28/2015 08:36:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.
Error: (01/27/2015 10:29:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-01-26 11:17:48.547
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-26 11:17:48.487
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 56%
Total physical RAM: 3758.1 MB
Available physical RAM: 1640.9 MB
Total Pagefile: 7514.38 MB
Available Pagefile: 4598.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:287.73 GB) (Free:49.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 5E538101)
Partition 1: (Not Active) - (Size=10.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
Musik im Hintergrund; PC bleibt hängen und lässt kein Antivirusprogramm runterzuladen
(https://www.trojaner-board.de/163164-musik-hintergrund-pc-bleibt-haengen-laesst-kein-antivirusprogramm-runterzuladen.html)
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
